www.thenewstribune.com Open in urlscan Pro
184.24.0.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.secure06an-xfinity.duckdns.org/
Effective URL:
https://www.thenewstribune.com/
Submission: On December 21 via automatic, source certstream-suspicious (December 21st 2022, 2:21:22 am UTC) — Scanned from DE

Summary HTTP 367 Redirects Links 44 Behaviour Indicators

Summary

This website contacted 84 IPs in 10 countries across 57 domains to perform 367 HTTP transactions. The main IP is 184.24.0.132, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.thenewstribune.com. The Cisco Umbrella rank of the primary domain is 223876.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 16th 2022. Valid for: a year.

This is the only time www.thenewstribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	68.183.188.96 68.183.188.96	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	166.108.36.245 166.108.36.245	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
48	184.24.0.132 184.24.0.132	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:249... 2600:9000:2491:c800:16:f649:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
13	13.32.99.38 13.32.99.38	16509 (AMAZON-02) (AMAZON-02)
2	13.32.121.60 13.32.121.60	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	107.23.160.177 107.23.160.177	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::2010	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1b55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
3	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	46.137.71.247 46.137.71.247	16509 (AMAZON-02) (AMAZON-02)
2	34.249.28.111 34.249.28.111	16509 (AMAZON-02) (AMAZON-02)
2 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
14 17	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	151.101.66.27 151.101.66.27	54113 (FASTLY) (FASTLY)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
1	184.24.21.142 184.24.21.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	88.221.169.59 88.221.169.59	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.217.65.78 52.217.65.78	16509 (AMAZON-02) (AMAZON-02)
8	166.108.36.240 166.108.36.240	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
2	2606:4700::68... 2606:4700::6812:106b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.43 18.66.97.43	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
6	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	34.246.233.4 34.246.233.4	16509 (AMAZON-02) (AMAZON-02)
3	34.224.131.223 34.224.131.223	14618 (AMAZON-AES) (AMAZON-AES)
1	13.226.2.111 13.226.2.111	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	35.227.254.22 35.227.254.22	15169 (GOOGLE) (GOOGLE)
1	34.102.180.93 34.102.180.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.202.102 34.149.202.102	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:da00:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
1	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:1200:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	52.216.221.81 52.216.221.81	16509 (AMAZON-02) (AMAZON-02)
1	3.236.169.96 3.236.169.96	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	34.107.191.194 34.107.191.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 3	2600:9000:215... 2600:9000:2156:1600:e:ec66:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	44.209.218.223 44.209.218.223	14618 (AMAZON-AES) (AMAZON-AES)
1	46.51.201.242 46.51.201.242	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2	18.66.112.4 18.66.112.4	16509 (AMAZON-02) (AMAZON-02)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
3	2600:9000:223... 2600:9000:223f:e00:12:1bf:30c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 28	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:cc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	35.166.34.221 35.166.34.221	16509 (AMAZON-02) (AMAZON-02)
3	16.170.180.228 16.170.180.228	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
7	178.249.101.98 178.249.101.98	11054 (LIVEPERSON) (LIVEPERSON)
2	52.57.182.252 52.57.182.252	16509 (AMAZON-02) (AMAZON-02)
1	208.89.15.170 208.89.15.170	() ()
367	84

1 68.183.188.96 (Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.secure06an-xfinity.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 166.108.36.245 (United States) 1 redirects

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet831.ejoco.com

thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 184.24.0.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-0-132.deploy.static.akamaitechnologies.com

www.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.fresnobee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bellinghamherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-wires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2491:c800:16:f649:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

n817.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.32.99.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-38.fra60.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-60.fra60.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.160.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-160-177.compute-1.amazonaws.com

mcclatchy.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

edge.adobedc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.71.247 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-71-247.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.28.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.130.49 (United States) 14 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.21.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-21-142.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.59 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-59.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.65.78 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 166.108.36.240 (United States)

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet846.ejoco.com

publicapi.misitemgr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-43.fra56.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.246.233.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.224.131.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-131-223.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.2.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-2-111.tlv50.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.254.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.254.227.35.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.180.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.180.102.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.202.102 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 102.202.149.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:da00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:1200:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.221.81 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.236.169.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-96.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.191.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.191.107.34.bc.googleusercontent.com

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:1600:e:ec66:e40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.209.218.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-218-223.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.201.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-201-242.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-4.fra56.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:e00:12:1bf:30c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-prod.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:cc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.166.34.221 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-34-221.us-west-2.compute.amazonaws.com

app.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 16.170.180.228 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-170-180-228.eu-north-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.249.101.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: am-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.182.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-182-252.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.89.15.170 (None, )

ASN- ()

va.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	thenewstribune.com 1 redirects thenewstribune.com — Cisco Umbrella Rank: 203440 www.thenewstribune.com — Cisco Umbrella Rank: 223876 media.thenewstribune.com — Cisco Umbrella Rank: 790527 n817.thenewstribune.com — Cisco Umbrella Rank: 617133	1 MB
41	googlesyndication.com 2 redirects edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	555 KB
22	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 208 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 pubads.g.doubleclick.net — Cisco Umbrella Rank: 404 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	249 KB
18	everesttech.net 15 redirects cm.everesttech.net — Cisco Umbrella Rank: 954 sync-tm.everesttech.net — Cisco Umbrella Rank: 534 lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 6926	5 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com	441 KB
14	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
13	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3366 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3723	411 KB
13	boltdns.net cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 5197	2 MB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 imasdk.googleapis.com — Cisco Umbrella Rank: 405 storage.googleapis.com — Cisco Umbrella Rank: 415	1017 KB
8	misitemgr.com publicapi.misitemgr.com — Cisco Umbrella Rank: 57666	66 KB
8	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 5285	28 KB
7	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 1895 api.bounceexchange.com — Cisco Umbrella Rank: 2106	212 KB
6	securiti.ai cdn-prod.securiti.ai — Cisco Umbrella Rank: 19054 app.securiti.ai — Cisco Umbrella Rank: 26870	113 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	234 KB
5	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 971	3 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 10226 www.i.matheranalytics.com — Cisco Umbrella Rank: 9916	44 KB
4	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4825 k.p-n.io — Cisco Umbrella Rank: 3041	52 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3226	7 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503	49 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 7316 launchpad.privacymanager.io — Cisco Umbrella Rank: 6447 geo.privacymanager.io — Cisco Umbrella Rank: 1638	11 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	601 B
3	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1366	730 B
3	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3426 va.idp.liveperson.net	113 KB
3	keywee.co 1 redirects cdn.keywee.co — Cisco Umbrella Rank: 11774	9 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8549 www.google.de — Cisco Umbrella Rank: 6041	1 KB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 4034 page.cdnbasket.net — Cisco Umbrella Rank: 4035 view.cdnbasket.net — Cisco Umbrella Rank: 4036	1014 B
3	amazonaws.com s3.amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 16493 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5405	10 KB
3	adobedc.net edge.adobedc.net — Cisco Umbrella Rank: 7327	2 KB
3	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 9680 dpm.demdex.net — Cisco Umbrella Rank: 204	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 15662 pixel.quantserve.com — Cisco Umbrella Rank: 666	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	95 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1680	11 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	112 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 3149 e.cdnwidget.com — Cisco Umbrella Rank: 8860	305 B
2	cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	23 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383	94 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 154	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2773 p1.parsely.com — Cisco Umbrella Rank: 2076	24 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513	2 KB
2	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 6457	153 B
2	blueconic.net mcclatchy.blueconic.net — Cisco Umbrella Rank: 49447	2 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 14049	121 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 868	1 KB
1	imrworldwide.com secure-us.imrworldwide.com — Cisco Umbrella Rank: 1754	597 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	17 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3120	149 KB
1	everestjs.net www.everestjs.net — Cisco Umbrella Rank: 6223	3 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4730	39 KB
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 852	450 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 411	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 309	239 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 672	235 B
1	mcclatchy-wires.com www.mcclatchy-wires.com — Cisco Umbrella Rank: 109395	27 KB
1	bellinghamherald.com www.bellinghamherald.com — Cisco Umbrella Rank: 311534	44 KB
1	fresnobee.com www.fresnobee.com — Cisco Umbrella Rank: 192478	67 KB
1	duckdns.org 1 redirects www.secure06an-xfinity.duckdns.org	471 B
367	57

	Domain	Requested by
41	www.thenewstribune.com	www.thenewstribune.com
28	tpc.googlesyndication.com	2 redirects securepubads.g.doubleclick.net www.thenewstribune.com edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com tpc.googlesyndication.com
16	sync-tm.everesttech.net	14 redirects www.thenewstribune.com
13	cf-images.us-east-1.prod.boltdns.net	www.thenewstribune.com
11	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net www.thenewstribune.com www.googletagservices.com edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
11	www.google.com	1 redirects www.thenewstribune.com www.gstatic.com edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.thenewstribune.com www.googletagservices.com
8	publicapi.misitemgr.com	www.thenewstribune.com
8	edge.api.brightcove.com	www.thenewstribune.com
8	n817.thenewstribune.com	www.thenewstribune.com n817.thenewstribune.com
7	lpcdn.lpsnmedia.net	lptag.liveperson.net
7	fonts.gstatic.com	fonts.googleapis.com
6	accdn.lpsnmedia.net	lptag.liveperson.net lpcdn.lpsnmedia.net
6	assets.bounceexchange.com	tag.wknd.ai assets.bounceexchange.com
5	www.googletagservices.com	www.thenewstribune.com edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
5	jadserve.postrelease.com	s.ntv.io www.thenewstribune.com
5	imasdk.googleapis.com	www.thenewstribune.com imasdk.googleapis.com
4	tags.srv.stackadapt.com	www.thenewstribune.com tags.srv.stackadapt.com
4	edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net cdn.confiant-integrations.net
4	pubads.g.doubleclick.net	imasdk.googleapis.com
4	www.facebook.com	www.thenewstribune.com
4	media.thenewstribune.com	www.thenewstribune.com
4	fonts.googleapis.com	www.thenewstribune.com edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com tpc.googlesyndication.com
3	protected-by.clarium.io	edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
3	app.securiti.ai	cdn-prod.securiti.ai
3	googleads.g.doubleclick.net	www.googletagmanager.com edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
3	cdn-prod.securiti.ai	www.thenewstribune.com cdn-prod.securiti.ai
3	cdn.keywee.co	1 redirects cdn.keywee.co
3	www.i.matheranalytics.com	www.thenewstribune.com
3	adservice.google.com	imasdk.googleapis.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
3	cm.g.doubleclick.net	2 redirects www.thenewstribune.com
3	edge.adobedc.net	www.thenewstribune.com
3	www.gstatic.com	www.google.com edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
2	k.p-n.io	cdn.p-n.io
2	encrypted-tbn1.gstatic.com	edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
2	encrypted-tbn3.gstatic.com	edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
2	www.google.de
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	lptag.liveperson.net	www.thenewstribune.com
2	cdn.p-n.io	www.thenewstribune.com cdn.p-n.io
2	www.googletagmanager.com	www.thenewstribune.com
2	ml314.com	www.thenewstribune.com ml314.com
2	connect.facebook.net	www.thenewstribune.com connect.facebook.net
2	geo.privacymanager.io	launchpad.privacymanager.io
2	cdn.confiant-integrations.net	htlbid.com cdn.confiant-integrations.net
2	js.matheranalytics.com	1 redirects www.thenewstribune.com
2	sb.scorecardresearch.com	www.thenewstribune.com
2	dsum-sec.casalemedia.com	1 redirects www.thenewstribune.com
2	dpm.demdex.net	www.thenewstribune.com
2	api.lab.amplitude.com	www.thenewstribune.com
2	mcclatchy.blueconic.net	n817.thenewstribune.com
2	htlbid.com	www.thenewstribune.com
1	va.idp.liveperson.net	lptag.liveperson.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.quantserve.com
1	e.cdnwidget.com
1	api.bounceexchange.com	assets.bounceexchange.com
1	rules.quantcount.com	edge.quantserve.com
1	edge.quantserve.com	www.thenewstribune.com
1	secure-us.imrworldwide.com
1	ids.cdnwidget.com	assets.bounceexchange.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	ams-pageview-public.s3.amazonaws.com	www.thenewstribune.com
1	d15kdpgjg3unno.cloudfront.net	htlbid.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	dyv1bugovvq1g.cloudfront.net	htlbid.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	lasteventf-tm.everesttech.net	www.everestjs.net
1	p1.parsely.com	www.thenewstribune.com
1	s0.2mdn.net	imasdk.googleapis.com
1	launchpad-wrapper.privacymanager.io	htlbid.com
1	s3.amazonaws.com	www.thenewstribune.com
1	s.ntv.io	www.thenewstribune.com
1	www.everestjs.net	www.thenewstribune.com
1	tag.wknd.ai	www.thenewstribune.com
1	cdn.parsely.com	www.thenewstribune.com
1	image2.pubmatic.com	www.thenewstribune.com
1	us-u.openx.net	www.thenewstribune.com
1	pixel.rubiconproject.com	www.thenewstribune.com
1	cm.everesttech.net	1 redirects
1	geolocation.onetrust.com	www.thenewstribune.com
1	storage.googleapis.com	www.thenewstribune.com
1	www.mcclatchy-wires.com	www.thenewstribune.com
1	www.bellinghamherald.com	www.thenewstribune.com
1	www.fresnobee.com	www.thenewstribune.com
1	adobedc.demdex.net	www.thenewstribune.com
1	thenewstribune.com	1 redirects
1	www.secure06an-xfinity.duckdns.org	1 redirects
367	93

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
account.thenewstribune.com
subscribe.thenewstribune.com
liveedition.thenewstribune.com
www.legacy.com
myaccount.thenewstribune.com
thenewstribune.newspapers.com
go.mcclatchy.com
t.news.thenewstribune.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
games.thenewstribune.com
placement.memoriams.com
www.accesousa.com
classifieds.mcclatchy.com
jobs.thenewstribune.com
thenewstribune.com
www.mcclatchy.com
business.mcclatchy.com
placeclassifieds.mcclatchy.com
hiring.mcclatchy.com
www.winwithmcclatchy.com
privacy-central.securiti.ai

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-16` - `2023-10-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
adobedc.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-20`	a year	crt.sh
n962.modbee.com Amazon RSA 2048 M02	`2022-11-25` - `2023-12-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2022-10-19` - `2023-11-18`	a year	crt.sh
htlbid.com Amazon	`2022-10-21` - `2023-11-19`	a year	crt.sh
*.blueconic.net Amazon	`2022-09-22` - `2023-10-21`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-24` - `2023-06-25`	a year	crt.sh
edge.adobedc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-19` - `2023-11-19`	a year	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
tag.wknd.ai R3	`2022-11-25` - `2023-02-23`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.everestjs.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.misitemgr.com Entrust Certification Authority - L1K	`2022-08-16` - `2023-09-07`	a year	crt.sh
*.confiant-integrations.net E1	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.postrelease.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
www.i.matheranalytics.com Amazon	`2022-12-14` - `2024-01-13`	a year	crt.sh
data.cdnbasket.net GTS CA 1D4	`2022-11-25` - `2023-02-23`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2022-11-25` - `2023-02-23`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2022-11-25` - `2023-02-23`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
queue.amazonaws.com Amazon	`2022-08-19` - `2023-08-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
ids.cdnwidget.com R3	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-29` - `2022-12-28`	3 months	crt.sh
ml314.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.srv.stackadapt.com Amazon	`2022-10-09` - `2023-11-07`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
pushlycdn.com Amazon	`2022-02-14` - `2023-03-15`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
app.securiti.ai Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.wunderkind.co R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh
e.cdnwidget.com R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
*.anyword.com Amazon	`2022-07-05` - `2023-08-03`	a year	crt.sh
protected-by.clarium.io Amazon RSA 2048 M01	`2022-12-16` - `2024-01-14`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2022-02-07` - `2023-02-07`	a year	crt.sh
*.p-n.io Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh
*.idp.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2022-06-09` - `2023-06-09`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.thenewstribune.com/
Frame ID: 5384A79299A0A35992DFB7DA44548853
Requests: 216 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=inline&cb=bfaecaezytzw
Frame ID: BFB608683ADBE67292D053470DCFCA93
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/784f1ed3-b143-48f9-8a7e-70ce68e6f8f8
Frame ID: DF91F85D8D19E8822D3B126581580C86
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/fffe4227-de28-48d0-86e5-217c6c0dfb9f
Frame ID: 18FE100AACDCB83D8553231513513DA7
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/43a1a090-09ac-4d0f-ab15-9cf622597da6
Frame ID: 7E9570B9A2BB389EE1A58F7405489B5B
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/f3252290-1212-4d84-ad0e-af9f984ce822
Frame ID: 2D0C756BAD0B21A180520726062EFB68
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: B533A77B62D96541AD080A7AD7E3C33C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 3651BB4BB8F035440CE5F2BCB18FB81F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 867254FA5D9F43A2CEBE7536DF7EAFA1
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: FD2D58C6617579AF72F1871AE86550DF
Requests: 2 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: A1E78B9A83AC4B7631B12FFE362D18A0
Requests: 1 HTTP requests in this frame

Frame: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F077216C3BB35FC9DEAB897CF1D27F1
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/be9dca71-6923-4a0b-a95f-3d4cd8cfeafe
Frame ID: 1FABA7968410856A8D8351A79338A835
Requests: 6 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/b8d4592f-5acc-425e-9880-e273018c532b
Frame ID: 32DA408840F7AF07E07252AB7C45BFDD
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/4d997c6c-c310-4044-9461-e371dfe96d3d
Frame ID: 31D808130793F0CB4F61DC9EF10082DA
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/2ede8e74-72e6-41fa-a8fa-50d00dbe89e8
Frame ID: 089B2C125B595A80A95C7F154F265D27
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/2d2b12ec-8757-4a6d-83e7-fa0ec5d987a2
Frame ID: 7C32218687F2BA16FA065F94C608AC37
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/2f5f99b4-6683-4317-8b03-d8dcde256426
Frame ID: 12B2E6FD72B92D84CF3E41B03361A551
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/f0831d91-1510-4bea-9bf9-01b239fde504
Frame ID: 1724101177841F4C3063FA7E805DA1D0
Requests: 4 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/a997a5d6-4364-4c20-9012-88d853ac49e9
Frame ID: F1D5FE052FF739C94026DB6044FBE9F3
Requests: 7 HTTP requests in this frame

Frame: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AE5C2D55F79C3CBFA11BC183E1533071
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdwxjVaWKL89gBG2ufsxASi-zdRwJerW8FGFRGCJyGQmj4SgWBQM-2NtOaoTRkCTh0jioArvAYa0qu82sr4rPpcXGAzRLB4IK_aDzlACPzirbDkuf0qu7VQMmfy93Xdcd26wJ9zxAb7E06DUS26PhIKo7ieh0mNJA1E7b-UxhBKdQT5sCxNgPUtVuNb9pCj9O6l79nAZsirNzMfIrbjr4rXbKB8BcIslBvKwuLrOHeLCWQFMxNTa_RLfkXJj-ELU0HlsMUFlqJrxXbADYiHKEAgqhYg0sA9Clhp0gdVOAkqayGRuHBjH3sa7yxwHjN2nRjI4K8JESnHSY_lzxzsQt6lmIbXD5jenjw8Lk3t0HXI8fLdbQmt9Ju5w&sai=AMfl-YTh64t5clsmvJWpVmV2v41PD8EUWf-D598diU2rpy6r6Q3GN-FPSVYDUr0HQJUqo9hCLSkayivjbzqsEQ5wjZgsK00gPnpiin0MdEfyEb5rd8zRHAMW8gZXTNgsH_Yx&sig=Cg0ArKJSzP_KYbTP6AMsEAE&uach_m=[UACH]&adurl=
Frame ID: 9D6296929428364A0A5C1B8940A05E7F
Requests: 7 HTTP requests in this frame

Frame: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6345684BC3A834A8CA7BF0322CD797BD
Requests: 18 HTTP requests in this frame

Frame: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A32A56EB5659C6AD7BAD8A9140329D7B
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFAWi0PcwRf7PF69JbuCwUt7DKPdbCFVG76gepuTTz8_IVy0p3Z2kGoGtME4x87jJ8cRRzcFBEuJD05I3kAM50R1gPbVnM0CeNv2ZEyaidjWF1aiyYA9J0txuuCBdzIrINvgpVYrqt2-hz7GnW0hQ186qp7_e2bLkXhryU6QWvozNEcca6hdSpr5FWHFUjZhpYo84w_SlJWIcKTzOIhDDcJ-TWz5sb1YaBpSmlFfwdo9LAONweBQY2JZwSt60yNoi_DZgOO9MiVWqya2QNnu02C8md9jjLV8FLauYJp5enh-PScJC5wvXIzUkZxsXZQd8sGaplwew0qPMIPXN_QY4xmn6OIOSLOsn1xOsx1nSk_6wL6lJwGXy0AA&sai=AMfl-YRyKjakQD6NXbn-vtUCGc4_OKlC6FaADWStEuadCJ0qp3eDVWnCJt0z54QzMNJB70_lg8aJ1zTH1sDDvGlTbd8zyn8lQvNYcMA3Zh3--c1xhl38eEqWd0tINVcFA_bp&sig=Cg0ArKJSzG3ER_geZyCYEAE&uach_m=[UACH]&adurl=
Frame ID: 952D267C1D36E29EADF4C8C0BE7F2F3A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html
Frame ID: 5D165DEFF21310B75AEA9BB939D3BCD3
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C391502097D5C94D6D6C518D52E7C8C7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDAB08C962D43E9D2CEE157F25130229
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 26B6E0EA4A48BBBA1F07D89D2D6E462A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: F1AFC3EE6F2BD1AD3956184B33D9C747
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: D0B43604A6D92B56C390B55ECBADC8B4
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true
Frame ID: B4F946F9C6A90A51C72D349FC06AF732
Requests: 5 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1671589281802&loc=https%3A%2F%2Fwww.thenewstribune.com
Frame ID: 90F576334773B9912C5CED61F47D4DDD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tacoma WA Breaking News, Crime & More | Tacoma News TribuneClose navigation panelVideo mediaVideo mediaVideo mediaVideo media

Page URL History Show full URLs

https://www.secure06an-xfinity.duckdns.org/ HTTP 307
https://thenewstribune.com/ HTTP 301
https://www.thenewstribune.com/ Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

367
Requests

79 %
HTTPS

37 %
IPv6

57
Domains

93
Subdomains

84
IPs

10
Countries

8539 kB
Transfer

19151 kB
Size

32
Cookies

44 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://account.thenewstribune.com/auth0
Title: LOG IN

Search URL Search Domain Scan URL

URL: https://subscribe.thenewstribune.com/beinformed
Title: SUBSCRIBE

Search URL Search Domain Scan URL

URL: https://liveedition.thenewstribune.com/
Title: Tacoma Now

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/tribnet/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://myaccount.thenewstribune.com/tac_nt/home#navlink=subnav
Title: Account Management

Search URL Search Domain Scan URL

URL: https://thenewstribune.newspapers.com/#navlink=subnav
Title: Archives

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tacoma/p/1#navlink=subnav
Title: Media Kit

Search URL Search Domain Scan URL

URL: http://t.news.thenewstribune.com/webApp/mccSignupPage?siteName=thenewstribune#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tacomanewstribune#navlink=subnav
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/thenewstribune#navlink=subnav
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thenewstribune/#navlink=subnav
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TacomaNewsTribune#navlink=subnav
Title: YouTube

Search URL Search Domain Scan URL

URL: https://liveedition.thenewstribune.com/#navlink=subnav
Title: Tacoma Now

Search URL Search Domain Scan URL

URL: https://games.thenewstribune.com/#navlink=subnav
Title: Puzzles & Games

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/tribnet/#navlink=navbar
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://placement.memoriams.com/TheNewsTribune/Obituary
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://www.accesousa.com/
Title: Acceso USA

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/tacoma/
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/tacoma#navlink=subnav
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://jobs.thenewstribune.com/#navlink=navbar
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.thenewstribune.com%2Fnews%2Farticle270216052.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thenewstribune.com%2Fnews%2Farticle270216052.html&text=Watch%3A%20Eagle%20carries%20goose%20in%20flight%20near%20Wanapum%20Dam

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Fnfl%2Fseattle-seahawks%2Farticle270257412.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Fnfl%2Fseattle-seahawks%2Farticle270257412.html&text=Pete%20Carroll%3A%20Doctors%20told%20Seahawks%20Tyler%20Lockett%27s%20hand%20surgery%20was%20%27perfect%2C%27%20quick%20return%20is%20possible

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Fnfl%2Fseattle-seahawks%2Farticle270256592.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Fnfl%2Fseattle-seahawks%2Farticle270256592.html&text=DK%20Metcalf%20on%20rare%20game%20without%20Tyler%20Lockett%20in%20the%20Seahawks%27%20offense%2C%20Geno%20Smith%27s%20consistently%20catchable%20passes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.thenewstribune.com%2Fnews%2Flocal%2Farticle269951772.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.thenewstribune.com%2Fnews%2Flocal%2Farticle269951772.html&text=Learn%20about%20the%20Blue%20Zones%20Project%20that%20is%20coming%20to%20Parkland%20and%20Spanaway%20to%20better%20community%20health

Search URL Search Domain Scan URL

URL: https://thenewstribune.com/mobile
Title: Tacoma News Tribune App

Search URL Search Domain Scan URL

URL: http://t.news.thenewstribune.com/webApp/mccSignupPage?siteName=thenewstribune
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tacomanewstribune

Search URL Search Domain Scan URL

URL: https://twitter.com/thenewstribune

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/TacomaNewsTribune

Search URL Search Domain Scan URL

URL: https://myaccount.thenewstribune.com/tac_nt/home
Title: Vacation Hold

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-news-tribune/#navlink=mi_footer
Title: About Us

Search URL Search Domain Scan URL

URL: http://t.news.thenewstribune.com/webApp/mccSignupPage?siteName=thenewstribune#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tacoma/p/1#navlink=mi_footer
Title: McClatchy Advertising

Search URL Search Domain Scan URL

URL: https://business.mcclatchy.com/tacoma#navlink=mi_footer
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://placeclassifieds.mcclatchy.com/classifieds/tacoma/index.html#navlink=mi_footer
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://placement.memoriams.com/TheNewsTribune/Obituary#navlink=mi_footer
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://hiring.mcclatchy.com/recruitmentproducts#navlink=mi_footer
Title: Staffing Solutions

Search URL Search Domain Scan URL

URL: https://www.winwithmcclatchy.com/political-advocacy#navlink=mi_footer
Title: Political Advertising

Search URL Search Domain Scan URL

URL: https://privacy-central.securiti.ai/#/dsr-universal/0a979fab-900d-4113-aab0-e2bf786400ac
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.secure06an-xfinity.duckdns.org/ HTTP 307
https://thenewstribune.com/ HTTP 301
https://www.thenewstribune.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://cm.everesttech.net/cm/dd?d_uuid=22915593495693395901934303105514401542 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y6JtmQAAAH_v_wNn

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjI5MTU1OTM0OTU2OTMzOTU5MDE5MzQzMDMxMDU1MTQ0MDE1NDI= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjI5MTU1OTM0OTU2OTMzOTU5MDE5MzQzMDMxMDU1MTQ0MDE1NDI=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMn6KVy5cYguYc9yygdA_rw&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 82

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=Y6JtmQAFhhdqigAo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTZKdG1RQUZoaGRxaWdBbw==&_test=Y6JtmQAFhhdqigAo

Request Chain 83

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y6JtmQAAAkFqmgAo HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y6JtmQAAAkFqmgAo&expires=90&_test=Y6JtmQAAAkFqmgAo

Request Chain 84

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6JtmQAFAnJLBgAe HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6JtmQAFAnJLBgAe&_test=Y6JtmQAFAnJLBgAe HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6JtmQAFAnJLBgAe&_test=Y6JtmQAFAnJLBgAe&C=1

Request Chain 85

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y6JtmQAADtFMhwAe

Request Chain 86

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y6JtmQAAASfnVQAZ HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y6JtmQAAASfnVQAZ&_test=Y6JtmQAAASfnVQAZ

Request Chain 87

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D&_test=Y6JtmQAAASfnZAAZ HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6JtmQAAASfnZAAZ&_test=Y6JtmQAAASfnZAAZ

Request Chain 88

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=Y6JtmQAAAEVmiwAp

Request Chain 89

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0&_test=Y6JtmQAFiANsYgAo HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y6JtmQAFiANsYgAo&t=2592000&o=0&_test=Y6JtmQAFiANsYgAo

Request Chain 110

https://js.matheranalytics.com/s/ma12095/74930801/all/ml.js?cb=1612 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js

Request Chain 233

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

Request Chain 319

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC30-H4FxCABBiABDIIiaPx8GELT9I HTTP 301
https://tpc.googlesyndication.com/simgad/6969611511364383186

Request Chain 322

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC30-H4FxCABBiABDIIiaPx8GELT9I HTTP 301
https://tpc.googlesyndication.com/simgad/6969611511364383186

Request Chain 333

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

367 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thenewstribune.com/
Redirect Chain

https://www.secure06an-xfinity.duckdns.org/
https://thenewstribune.com/
https://www.thenewstribune.com/

202 KB
27 KB

271ms
31ms

Document
text/html

184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 52c9ab42f1114ff3114cd2982fdb84dadac85133bd2bb23874ed98537e8e5b2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 26343
content-type: text/html;charset=utf-8
date: Wed, 21 Dec 2022 02:21:12 GMT
etag: W/"32728-kAh5J0rWOv2eTaTKiB7WZGwaWwU"
expires: Wed, 21 Dec 2022 02:21:12 GMT
last-modified: Wed, 21 Dec 2022 02:20:32 GMT
mi-api: WPS
mi-cache: HIT
mi-cache-age: 22
pragma: no-cache
server: MI
surrogate-control: varnish=ESI/2.1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mTOE,2
x-mi-in-market: 0
x-proxy-forwarding-type: BlackList
x-varnish: 289185821, 617054665 608767219

Redirect headers

Connection: Keep-Alive
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 21 Dec 2022 02:21:12 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.thenewstribune.com/
Server: Apache

GET
H2 200 thenewstribunecore.js Show response
www.thenewstribune.com/ooizl-ynbs/ 371 KB
108 KB 33ms
27ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6952c4a4aa1fc82d1402fd360f1f073aa47afb0cb35901617970950feca316a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 280
content-length: 110389
last-modified: Tue, 20 Dec 2022 13:45:13 GMT
server: MI
etag: W/"5cc83-5f042a5292c40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 748880439, 793975550 799607775
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=190
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 vendor.bundle-e8bf89b42a8198ff411c.js Show response
www.thenewstribune.com/wps/build/webpack/ 99 KB
34 KB 54ms
49ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/vendor.bundle-e8bf89b42a8198ff411c.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 71342
content-length: 34371
last-modified: Thu, 15 Dec 2022 03:54:22 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"18ca4-18513eb3db0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 106836156, 42805673 872517921
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=204974
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-4f80a4c3226f5b19c12d.js Show response
www.thenewstribune.com/wps/build/webpack/ 9 KB
3 KB 55ms
51ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mi-header.bundle-4f80a4c3226f5b19c12d.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d56179d996f7bb8ce94673c80d3ab5169ee72f353d964e07f29fac5a1178f336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 194858
content-length: 3004
last-modified: Thu, 15 Dec 2022 03:54:22 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"22a1-18513eb3db0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 122429103, 322831085 14780157
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=358312
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 86ms
30ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0107a6693b6ccde2883d4ad8f80a8a19a8278c5deb30f75f7dcd10292258e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 02:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 00:45:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 02:21:12 GMT

GET
H2 200 mi-styles.adb59201cefec9c2d293.css
www.thenewstribune.com/wps/build/webpack/css/ 206 KB
45 KB 35ms
33ms Stylesheet
text/css 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.adb59201cefec9c2d293.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2dd936d2f0d48977829a08b5a98b1277e98ec40bc5d0fffa78023206f85f7855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 218134
content-length: 45183
last-modified: Thu, 15 Dec 2022 03:54:36 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"338ff-18513eb7460"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 106504686, 307006325 706384723
content-type: text/css;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=351708
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
965 B 84ms
31ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552
x-xss-protection: 1; mode=block
expires: Wed, 21 Dec 2022 02:21:13 GMT

GET
H2 200 49b178ea Show response
www.thenewstribune.com/akam/13/ 26 KB
9 KB 41ms
39ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/13/49b178ea
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0a3b5da8448fcbd9dc8e034663ee2649332c83a67f12b7c54d11e9880e9efce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:12:42 GMT
etag: "438ba5fa089c512e4e824342070e05cdec82d09066ce6d64aad0b900445945e9"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 8753
expires: Wed, 21 Dec 2022 02:21:13 GMT

GET
H2 200 logo.svg
www.thenewstribune.com/wps/build/images/thenewstribune/ 10 KB
4 KB 32ms
30ms Image
image/svg+xml 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/build/images/thenewstribune/logo.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b9f65b633a49a499a034c954707d726a90d5571ec8fc571eb7c5e4e59e9b3108

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 111358
content-length: 4088
last-modified: Thu, 15 Dec 2022 03:54:23 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2810-18513eb4198"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 98449202, 69635622 704057372
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=243045
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 favicon-96.png
www.thenewstribune.com/wps/build/images/thenewstribune/ 712 B
1 KB 40ms
38ms Image
image/png 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/build/images/thenewstribune/favicon-96.png
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 949e2886f2710abf4b3f39bc231ce4462d477f62bc6e958ce17804d82e293466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 269727
content-length: 712
last-modified: Thu, 15 Dec 2022 03:54:23 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2c8-18513eb4198"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 105101507, 341647815 894643535
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=400866
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tacoma-puyallup-logo-color-2021-08.svg
media.thenewstribune.com/static/images/logos/ 11 KB
11 KB 542ms
417ms Image
image/svg+xml 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thenewstribune.com/static/images/logos/tacoma-puyallup-logo-color-2021-08.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 855b336540e9460f01d5d358d35d24748cbd20db695e0d41f6945cdbef07b7e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
last-modified: Thu, 02 Sep 2021 18:53:17 GMT
server: Apache
etag: "2ba5-5cb07b2251042"
vary: Origin
content-type: image/svg+xml
x-n: S
accept-ranges: bytes
content-length: 11173

GET
H2 200 tacoma-puyallup-favicon-96px-2021-08.svg
media.thenewstribune.com/static/images/logos/ 9 KB
9 KB 542ms
418ms Image
image/svg+xml 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thenewstribune.com/static/images/logos/tacoma-puyallup-favicon-96px-2021-08.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 568c451356216bcad0be9a07f979d3a732ddfdad3d31496dfe3385bf321fe4e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
last-modified: Thu, 02 Sep 2021 18:53:17 GMT
server: Apache
etag: "2314-5cb07b2250769"
vary: Origin
content-type: image/svg+xml
x-n: S
accept-ranges: bytes
content-length: 8980

GET
H2 200 tacoma-gateway-logo-color-horizontal-2021-08.svg
media.thenewstribune.com/static/images/logos/ 8 KB
8 KB 541ms
417ms Image
image/svg+xml 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thenewstribune.com/static/images/logos/tacoma-gateway-logo-color-horizontal-2021-08.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4561da777935fa07b41fbb1e3ade995d20c92560e803303f6f7e0d8fec27ff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
last-modified: Thu, 02 Sep 2021 18:53:17 GMT
server: Apache
etag: "1f97-5cb07b224fe46"
vary: Origin
content-type: image/svg+xml
x-n: S
accept-ranges: bytes
content-length: 8087

GET
H2 200 tacoma-gateway-favicon-96px-2021-08.svg
media.thenewstribune.com/static/images/logos/ 4 KB
4 KB 547ms
423ms Image
image/svg+xml 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.thenewstribune.com/static/images/logos/tacoma-gateway-favicon-96px-2021-08.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ceaccd3394b874684aeb2eb2642b9d244638121c9279cf45ca61b16b0d879b9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
last-modified: Thu, 02 Sep 2021 18:53:17 GMT
server: Apache
etag: "e57-5cb07b224f4a5"
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3671

GET
H2 200 mastheadPage.bundle-b119e72f72060856969c.js Show response
www.thenewstribune.com/wps/build/webpack/ 131 KB
44 KB 26ms
25ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mastheadPage.bundle-b119e72f72060856969c.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3c925c807cc1b490519a3d005045d08329d8cf67682fe53c0b4aa2018ef1f713

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1477
content-length: 44137
last-modified: Mon, 05 Dec 2022 20:35:54 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"20b10-184e4009410"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 3246972, 212731534 202186036
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=116866
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 premium-topper.js Show response
www.thenewstribune.com/static/hi/prodx/premium-topper/ 9 KB
3 KB 28ms
27ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bd24c662d59b09dc2750610bca4aa94d397a00dd217f9590ad8fc6c0ac93a389

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 255
content-length: 3059
last-modified: Thu, 23 Jun 2022 20:56:37 GMT
server: MI
etag: W/"2419-5e223b0882b40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 722384574, 741310157 742511235
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=18
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mi-footer.bundle-9e59a31b822d120051b7.js Show response
www.thenewstribune.com/wps/build/webpack/ 8 KB
3 KB 40ms
39ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mi-footer.bundle-9e59a31b822d120051b7.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 764df958623e81ae49b597536c4f788d01b6d7d5b6fa5933868a4fd691e379df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 157767
content-length: 2925
last-modified: Thu, 15 Dec 2022 03:54:22 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2137-18513eb3db0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 710515624, 236728965 812856888
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=287109
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videojs.bundle-26bbe163dc0ffee5eac7.js Show response
www.thenewstribune.com/wps/build/webpack/ 575 KB
152 KB 41ms
39ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/videojs.bundle-26bbe163dc0ffee5eac7.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 48f08678e02e62a5a40fc22ecb0d4e4cf56a7128c65d8c61c3da35eeed607623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1477
content-length: 154945
last-modified: Mon, 05 Dec 2022 20:36:41 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"8fd16-184e4014ba8"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1183253, 1057250167 1064124806
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=518647
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videoStory.bundle-e7e9c63f9edd65104079.js Show response
www.thenewstribune.com/wps/build/webpack/ 268 KB
86 KB 46ms
45ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3d4035e709c3856b025a4783eaab5d50a5fd43d9f08bddbf99dc97f133d3f169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 262485
content-length: 87657
last-modified: Thu, 15 Dec 2022 03:55:07 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"42e11-18513ebed78"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 781338799, 396367002 963184422
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=518526
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 footer.bundle-1f06f5f8ac3bfe589066.js Show response
www.thenewstribune.com/wps/build/webpack/ 10 KB
3 KB 28ms
25ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/footer.bundle-1f06f5f8ac3bfe589066.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 63734
content-length: 2570
last-modified: Thu, 15 Dec 2022 03:54:22 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"284c-18513eb3db0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 96938296, 76981996 950473127
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=194932
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 8496ff74-7030-460b-933e-97163fb17dc1 Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/8496ff74-7030-460b-933e-97163fb17dc1
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a3bea88da4953ef0130c1b8042c9c248e4e5601533d91856ff1d8d49e2d474c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 496bd927-fa7d-43a7-94ae-330431749489 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/496bd927-fa7d-43a7-94ae-330431749489
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b8a4381e1e8ea803ff4e66f0315f9ea5bfdedecf23f57e609d488c917cee47a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

POST
H2 200 acquire Show response
adobedc.demdex.net/ee/v1/identity/ 3 KB
2 KB 502ms
179ms Fetch
application/json 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/identity/acquire?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=304a1d88-5b32-42d4-8494-be64ff1fb081

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

c29450aa7faa8c3b95856e063381b57cdb15e600bd9330a30ef455231e6dcb75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: 304a1d88-5b32-42d4-8494-be64ff1fb081
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.11.2:836cd9b5

GET
H2 200 netdale.b8986ad98dd1251db62e.js Show response
www.thenewstribune.com/ooizl-ynbs/ 82 KB
23 KB 46ms
45ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ooizl-ynbs/netdale.b8986ad98dd1251db62e.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/8496ff74-7030-460b-933e-97163fb17dc1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1bb9a4e479c09da4d37e5e5bf46aa215e1ae632d47df8283735464ad43a5b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 177
content-length: 22765
last-modified: Tue, 20 Dec 2022 13:45:07 GMT
server: MI
etag: W/"14765-5f042a4cd9ec0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 809599031 802391299
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560025
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 script.js Show response
n817.thenewstribune.com/ 132 KB
40 KB 300ms
26ms Script
text/javascript 2600:9000:2491:c800:16:f649:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n817.thenewstribune.com/script.js

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/496bd927-fa7d-43a7-94ae-330431749489

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:c800:16:f649:1500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

943c86949eee24ae98134e6f35c38c124aaa52b2621bda54dcbd4fae292ffe52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
age: 186
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 40679
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Dec 2022 02:13:42 GMT
server: -
etag: b8351e37c5c3fdc5268f5c7c5d97129c
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: CP4H8twiZ5KYIogKyYpT-r1iGGxfZ7BE-ZWA11oitxhX0bZMjGDJZA==
expires: Wed, 21 Dec 2022 02:28:07 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
13 KB 74ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:52:35 GMT
x-content-type-options: nosniff
age: 106118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 20:52:35 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 77ms
25ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 17:29:16 GMT
x-content-type-options: nosniff
age: 377517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 17:29:16 GMT

GET
H2 200 wxicons-blk-38.svg
www.thenewstribune.com/wps/source/images/widgets/weather/wxicons-blk/ 2 KB
1 KB 25ms
25ms Image
image/svg+xml 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/source/images/widgets/weather/wxicons-blk/wxicons-blk-38.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9cc747c7ddf91c1b85a1128611dee99625705a16c55d4c60e4061aa50b6f0194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 219458
content-length: 1086
last-modified: Thu, 15 Dec 2022 03:50:47 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"9d3-18513e7f5d8"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 767185970, 419371195 997165668
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=427271
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:04:53 GMT
x-content-type-options: nosniff
age: 447380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:04:53 GMT

GET
H2 200 enhancements.js Show response
www.thenewstribune.com/static/hi/themes/ 8 KB
3 KB 371ms
371ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/themes/enhancements.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 233565e64aa57aca5c78d31c778b9d8ade9442a033aa3d04fb7497c1551c0892

Request headers

Referer: https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 220
content-length: 2880
last-modified: Thu, 10 Nov 2022 16:01:14 GMT
server: MI
etag: W/"20c0-5ed1fe1f12680"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 711331267, 722253358 726149359
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=273
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 exclusive-card.js Show response
www.thenewstribune.com/static/hi/prodx/premium-topper/ 2 KB
1 KB 378ms
377ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/prodx/premium-topper/exclusive-card.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 18e07d2e805871c64b625eb03c950fc77cbbdb707a26493fce307d39f4571524

Request headers

Referer: https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 241
content-length: 752
last-modified: Fri, 06 May 2022 19:44:44 GMT
server: MI
etag: W/"688-5de5d17130300"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 570303018, 646285818 616719757
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=281
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v21/ 27 KB
27 KB 32ms
31ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 22:21:08 GMT
x-content-type-options: nosniff
age: 100805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27456
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:10:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 22:21:08 GMT

GET
H2 200 221220%20pc%20indita%20maria_0399.jpg
www.thenewstribune.com/latest-news/r961p0/picture270262087/alternates/LANDSCAPE_768/ 34 KB
35 KB 25ms
24ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/r961p0/picture270262087/alternates/LANDSCAPE_768/221220%20pc%20indita%20maria_0399.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: eccc6af2db59bf74846d50df7b7c61dcfe9f3ddc527a8d7717fd9aed5e8dbcd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3777
content-length: 34879
last-modified: Wed, 21 Dec 2022 00:28:25 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "5693fdf3886999299ea4bb796df71d69"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1005195001, 907157816 930447776
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=603800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 221027%20cb%20Lakes%20vs.%20Mount%20Tahoma_22.JPG
www.thenewstribune.com/latest-news/yqgf1z/picture267973252/alternates/LANDSCAPE_768/ 66 KB
67 KB 33ms
32ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/yqgf1z/picture267973252/alternates/LANDSCAPE_768/221027%20cb%20Lakes%20vs.%20Mount%20Tahoma_22.JPG
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9b343f5b282fdc27b539204023977f6577848992348b1e7df65b437a4ccb6999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 424
content-length: 68063
last-modified: Mon, 07 Nov 2022 19:47:02 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "ec03d67662ab7a4730567784ac0e354b"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 723224006, 318440162 258778020
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=527516
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 SANTAMAREK.JPG
www.fresnobee.com/latest-news/i7ykpb/picture256822687/alternates/LANDSCAPE_768/ 66 KB
67 KB 172ms
26ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fresnobee.com/latest-news/i7ykpb/picture256822687/alternates/LANDSCAPE_768/SANTAMAREK.JPG
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f8eb721a2779fdba01e356f6447fa47531d38f642142826a7605da4c89cd04c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 19201
content-length: 67690
last-modified: Thu, 23 Dec 2021 20:02:17 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "f664f5a4c86615e5a31d0f98ec943b2d"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 812516532, 963155562 878053414
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=592785
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 coast%20guard%20sunset.jpg
www.bellinghamherald.com/latest-news/lh0np1/picture243087501/alternates/LANDSCAPE_768/ 43 KB
44 KB 167ms
28ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bellinghamherald.com/latest-news/lh0np1/picture243087501/alternates/LANDSCAPE_768/coast%20guard%20sunset.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 110d03583f0dee97872098b516fa66568f378b5d337bcc91b79c42b9d4a5f693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2085
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 44148
last-modified: Fri, 29 May 2020 15:39:57 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "668b7ec564ad399e8148440618791c4e"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 794791548 796068234
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=572486
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 E96j_v6WYAA41hf.jpg
www.thenewstribune.com/latest-news/ilcn7l/picture253823623/alternates/LANDSCAPE_768/ 54 KB
54 KB 35ms
34ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/ilcn7l/picture253823623/alternates/LANDSCAPE_768/E96j_v6WYAA41hf.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 50a57cb4985deedf7bb498bce30400abe703ffdc6beb0d158475d5c6a6c6a10f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5081
content-length: 55015
last-modified: Sat, 04 Sep 2021 16:34:51 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "325ec514abdb57191ffadb7dbd72def6"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 745079934, 818610247 791350919
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=561762
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 01DuPontSnowJogger%202.jpg
www.thenewstribune.com/latest-news/1lnnn8/picture269488197/alternates/LANDSCAPE_768/ 119 KB
120 KB 29ms
28ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/1lnnn8/picture269488197/alternates/LANDSCAPE_768/01DuPontSnowJogger%202.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5ea9230176a3122f6b192ed19401210ddac7a452404de7a63491608721c72af9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5288
content-length: 121880
last-modified: Thu, 01 Dec 2022 21:21:13 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "2f28e684544c21fa911b7fb33fc249db"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 196271708, 273654937 249059551
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=493698
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/7bdd09f9-a493-442f-9b74-e56f77d0abb4/08c44bb4-1938-4708-8e56-6821ab1afe67/1280x720/match/ 90 KB
90 KB 134ms
24ms Image
image/jpeg 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/7bdd09f9-a493-442f-9b74-e56f77d0abb4/08c44bb4-1938-4708-8e56-6821ab1afe67/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: fdf59bdbecdce192c2cc203d4746a7e71013f50e41c3895a4347dca36af26b57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 13:10:35 GMT
Via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 133838
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: IsrZej2ofQjTF5Ul28y83tJ1hU8pTEODXMnuvXEwyuP0T-hd6fdtZw==
Expires: Tue, 19 Dec 2023 13:10:35 GMT

GET
H2 200 htlbid.css
htlbid.com/v3/thenewstribune.com/ 3 KB
638 B 593ms
501ms Stylesheet
text/css 13.32.121.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thenewstribune.com/htlbid.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/netdale.b8986ad98dd1251db62e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-60.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c2d839942cb9548ad7447ed4fe2bd45e0c84b4eef108fd5c6ec085b0e2405da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: br
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified: Fri, 25 Nov 2022 21:01:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"a49d79868f355680f4cf86ab4c2ff095"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: pQCZ7-jQRkczyu7CPUEC3S55hQMgrDzJ77X_oLMUdSKjMAyEnObt6Q==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/thenewstribune.com/ 468 KB
120 KB 522ms
430ms Script
application/javascript 13.32.121.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/netdale.b8986ad98dd1251db62e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-60.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c20d8ce6603049b9aa5ced95b275b75208d205306e8095909fbfd65e945a149

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: br
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified: Fri, 25 Nov 2022 21:01:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"d15e31d3d0ae6dee43f795088c3a5f46"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: KhOyCrSF72D6htUMytA5MxdrQr4BQ_IssgcWyqzntllNawChEFG3MQ==

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998020001/a5bc9226-9577-4a0b-9d3e-2393097d7f29/a02b2ec2-7085-4058-bf53-459405ceaf05/1280x720/match/ 283 KB
283 KB 104ms
21ms Image
image/jpeg 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998020001/a5bc9226-9577-4a0b-9d3e-2393097d7f29/a02b2ec2-7085-4058-bf53-459405ceaf05/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: f8c4c984b473b0af9395926bec3bc5124d43c9d29e9be278f3d2688a723c375d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 21:58:23 GMT
Via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 15770
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: cOC8_wrLlEBch-1t21qFoNYL4VQmUrp5LgPl0bWOF-UR0Rst2awq0Q==
Expires: Wed, 20 Dec 2023 21:58:23 GMT

GET
H2 200 fontawesome-webfont.woff2
www.thenewstribune.com/wps/source/sass/main/fonts/font-awesome/fonts/ 55 KB
56 KB 25ms
25ms Font
font/woff2 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.adb59201cefec9c2d293.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Referer: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.adb59201cefec9c2d293.css
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2062
content-length: 56780
last-modified: Thu, 15 Dec 2022 20:43:58 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"ddcc-18517878eb0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 905198357, 743639829 733853795
content-type: font/woff2;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=93
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/0521bdfb-55d5-47dd-a3a5-6190dac8ae2e/3b1d27d3-6fe0-4573-bc2e-48bcbf2e17a5/1280x720/match/ 345 KB
345 KB 70ms
26ms Image
image/jpeg 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/0521bdfb-55d5-47dd-a3a5-6190dac8ae2e/3b1d27d3-6fe0-4573-bc2e-48bcbf2e17a5/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: ab80009b4b89bde5dad1b4ddfeceb50398e60997afc7bd6d5d29267b8dd21544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 23:00:49 GMT
Via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 12024
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: JEePvIedz1ANgO8NZsmh_m4c-oR66EPnrPxzzPOngXvOwgPNcIJFTA==
Expires: Wed, 20 Dec 2023 23:00:49 GMT

GET
H2 200 14b225af-ea00-48ee-8af3-6ced04c0315b
www.mcclatchy-wires.com/incoming/ht7gws/picture270224547/alternates/LANDSCAPE_768/ 27 KB
27 KB 218ms
26ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/ht7gws/picture270224547/alternates/LANDSCAPE_768/14b225af-ea00-48ee-8af3-6ced04c0315b
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 484180efc7548d96869e8a2d5e12feb8249fd4494ec70cbec7de6afc3cd0b3d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 53
content-length: 27156
last-modified: Tue, 20 Dec 2022 06:15:29 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "acdeefd56a6816bfd50c928de6f389e1"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 733448401, 765011144 778899851
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=532735
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Click
www.thenewstribune.com/news/politics-government/41hh7n/picture107000812/alternates/LANDSCAPE_768/ 56 KB
57 KB 25ms
25ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/news/politics-government/41hh7n/picture107000812/alternates/LANDSCAPE_768/Click
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ad8704323a343240bd16d1407038640e7e4db94a0399ae26fb969971dd05e6f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 7754
content-length: 57358
last-modified: Sun, 09 Oct 2016 02:16:04 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "12de865060a44568cef5594849b4ceed"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1001730653, 251299364 240903383
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=305293
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/4ba1e325-4267-4e52-8aba-ecbfce2de9c8/main/1280x720/5s178ms/match/ 38 KB
38 KB 67ms
22ms Image
image/jpeg 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/4ba1e325-4267-4e52-8aba-ecbfce2de9c8/main/1280x720/5s178ms/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 6030447fd8de7eaab09a30abb6d458b1af476fb92bd51debafd38633136f8bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 20:28:09 GMT
Via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 107583
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: AuzZEbHy21YN7k0gKMJChwarPHOEmg8rbLTq2LmyUk_Q43G9JxAC9A==
Expires: Tue, 19 Dec 2023 20:28:09 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 372 KB
125 KB 278ms
225ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126857
x-xss-protection: 0
expires: Wed, 21 Dec 2022 02:21:13 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 22:38:43 GMT

GET
H2 200 cs Show response
mcclatchy.blueconic.net/DG/DEFAULT/ 16 B
697 B 349ms
114ms Script
text/javascript 107.23.160.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.blueconic.net/DG/DEFAULT/cs?&callback=bc_json239

Requested by

Host: n817.thenewstribune.com
URL: https://n817.thenewstribune.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.160.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-160-177.compute-1.amazonaws.com

Software

- /

Resource Hash

c7cdcc5b203caedbdc44a7eefab7dbabc65b31f242eb4f9ebfd0cb873c5e2f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame BFB6 0
0 44ms
43ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCJGUUAAAAADAmkD2iQN_k8a6FCpgo2VBei6su&co=aHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&badge=inline&cb=bfaecaezytzw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NYXAKZ23RcykJhYjPP5Jew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23280
content-security-policy: script-src 'report-sample' 'nonce-NYXAKZ23RcykJhYjPP5Jew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 02:21:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK b18d6450-9431-449c-a14b-c83ad87898cc Show response
https://www.thenewstribune.com/ 238 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b18d6450-9431-449c-a14b-c83ad87898cc
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e02e931e3b33dfd8c740ea8d855acdd7dfde5548cfb19d55cee884fca43b37df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 238
Content-Type: [object object]

GET
H2 200 1bf0v_5heI8egwOnp-0bRzXFOpQF6hMx9FZBtcijKSOU.json Show response
storage.googleapis.com/mc-high-impact/prodx/premium-topper/docs/ 1 KB
2 KB 198ms
127ms Fetch
application/json 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/mc-high-impact/prodx/premium-topper/docs/1bf0v_5heI8egwOnp-0bRzXFOpQF6hMx9FZBtcijKSOU.json
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/static/hi/prodx/premium-topper/premium-topper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60854df78736c718f1a853d0d06ad8156a07c478487ac064276b6381bf262563

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
age: 0
x-guploader-uploadid: ADPycdvSClWiK_7Sur8C_KSVrWPPLBb12tanjKIGIT_dOkZnAmdmseAbZ5HO_Mnq4MHvT9Ri207lgmbRfKb_iN1PV4z6FA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1215
last-modified: Tue, 20 Dec 2022 21:56:22 GMT
server: UploadServer
etag: "bfeed6f6e15c6db9c602b6eabc321a0b"
vary: Origin
x-goog-generation: 1671573382081764
x-goog-hash: crc32c=0hBhbg==, md5=v+7W9uFcbbnGArbqvDIaCw==
access-control-allow-origin: https://www.thenewstribune.com
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=300
x-goog-stored-content-length: 1215
accept-ranges: bytes
content-type: application/json
expires: Wed, 21 Dec 2022 02:26:13 GMT

GET
BLOB 200
OK 3f0a3484-14ba-4733-9045-b6a6d5ecc53d Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/3f0a3484-14ba-4733-9045-b6a6d5ecc53d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f3fcf242977812fac5c2ee6aeb7c76cabb08441350636e219f5ad2df74348cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 68de2ca1-5e35-425a-b537-4d4663559eb6 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/68de2ca1-5e35-425a-b537-4d4663559eb6
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3c78e4497069dc954a923782a5ea9735de4d4690360b79b899b2b84025b011a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK d454bd47-a9bd-42f3-a4ef-2b899713c961 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d454bd47-a9bd-42f3-a4ef-2b899713c961
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d79d8863c5872b67109d566cdf248f4373c42174919d6c274bea392ad6308a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 251b9577-5a5c-4571-aef4-9cd93302d978 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/251b9577-5a5c-4571-aef4-9cd93302d978
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 266be4aa37118811719ba09834022daa666e401434bd3866a851c29704b36d19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 0472df50-dbd5-482c-8c18-7288662f9181 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0472df50-dbd5-482c-8c18-7288662f9181
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e768231b174c1dd7aa4f41f1a3036cabd6c487b7e62620807688c5b6d2446636

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 41163746-95e7-4d67-ac2f-01252fe43b15 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/41163746-95e7-4d67-ac2f-01252fe43b15
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab3c3c284b61f45b8a1fb3b068f038a60a7e157b5345baebc290e11ded074304

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 pdp.gif
www.thenewstribune.com/ooizl-ynbs/ 42 B
394 B 393ms
393ms Image
image/gif 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/ooizl-ynbs/pdp.gif?z=eyJ0aGVtZSI6ImN1c3RvbSJ9
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 56774
content-length: 42
last-modified: Mon, 19 Dec 2022 14:02:19 GMT
server: MI
etag: "2a-5f02ec47950c0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 613986335, 613451789 425960985
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604788
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 video.4de3e95d19efd4abdd81.js Show response
www.thenewstribune.com/ooizl-ynbs/ 16 KB
6 KB 34ms
33ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ooizl-ynbs/video.4de3e95d19efd4abdd81.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/3f0a3484-14ba-4733-9045-b6a6d5ecc53d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 92fe827b33f7918ed22bd4b614e81b7a15b1b9b43df021648eb33861ddb28896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2693
content-length: 5283
last-modified: Tue, 20 Dec 2022 13:45:07 GMT
server: MI
etag: W/"3efe-5f042a4cd9ec0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 620007511, 456851648 446762632
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=562513
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 performance.719394e3d18c075289b9.js Show response
www.thenewstribune.com/ooizl-ynbs/ 8 KB
3 KB 34ms
34ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ooizl-ynbs/performance.719394e3d18c075289b9.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/68de2ca1-5e35-425a-b537-4d4663559eb6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f1bbda49198174d51c9d45ae321aa5006bc9a5b938f107785e1e9491a91ce6ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 163
content-length: 2640
last-modified: Tue, 20 Dec 2022 13:45:07 GMT
server: MI
etag: W/"1e9e-5f042a4cd9ec0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 627212294 619813051
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560013
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 quarantine.e6467432fc53bfc7f138.js Show response
www.thenewstribune.com/ooizl-ynbs/ 27 KB
10 KB 34ms
34ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ooizl-ynbs/quarantine.e6467432fc53bfc7f138.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/d454bd47-a9bd-42f3-a4ef-2b899713c961
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 32f10a9c73e179757b72ff2bc19727bc88901b68664d54881844b1e97cc0868e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 137
content-length: 9951
last-modified: Tue, 20 Dec 2022 13:45:07 GMT
server: MI
etag: W/"6af3-5f042a4cd9ec0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 746622126, 804063246 802588692
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=559998
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 geofeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
235 B 101ms
43ms Script
text/javascript 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/251b9577-5a5c-4571-aef4-9cd93302d978

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff8be4caae44452d25370811829bcf0de87a264bc6dab2b9c45ec89b57b7c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 77cd24a01dc69b2d-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 parsely.076781cb02a9a411b04f.js Show response
www.thenewstribune.com/ooizl-ynbs/ 1 KB
990 B 36ms
36ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ooizl-ynbs/parsely.076781cb02a9a411b04f.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/0472df50-dbd5-482c-8c18-7288662f9181
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c0d4d43beca81165da6ee70be7990118601aa20d1e1d27a55b6ce2b75f160fb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 193
content-length: 617
last-modified: Tue, 20 Dec 2022 13:45:07 GMT
server: MI
etag: W/"4b9-5f042a4cd9ec0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 736743047 741484859
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560062
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 sponsored.dd1d8ea050e9b07adde1.js Show response
www.thenewstribune.com/ooizl-ynbs/ 1 KB
865 B 37ms
37ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ooizl-ynbs/sponsored.dd1d8ea050e9b07adde1.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/41163746-95e7-4d67-ac2f-01252fe43b15
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aeb75a195a5313f043a0926141eabb1b2bbd29bf730f42ee973916f7c105d627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 193
content-length: 484
last-modified: Tue, 20 Dec 2022 13:45:07 GMT
server: MI
etag: W/"433-5f042a4cd9ec0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 798493422, 750453222 725015150
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560005
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 264ms
197ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Wed, 21 Dec 2022 02:21:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-63a26d99-6ec552a7385253fc2da25572
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220079-HHN
x-timer: S1671589274.639774,VS0,VE176

GET
BLOB 200
OK 9a00454b-b0de-4e95-aeb3-db51d4e0d52f Show response
https://www.thenewstribune.com/ 234 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/9a00454b-b0de-4e95-aeb3-db51d4e0d52f
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f5f7f3abaf3c6111a64319185cd36e59ca5124d7e9df78b93f9d1b810d9feb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 234
Content-Type: [object object]

GET
BLOB 200
OK 81fdb862-6a8d-4ce1-b9f1-3d13cf0a8d88 Show response
https://www.thenewstribune.com/ 311 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/81fdb862-6a8d-4ce1-b9f1-3d13cf0a8d88
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f02ec72066c988a60898d46ae83e2679cffa7f8443454998c2c3ab46de936992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 311
Content-Type: [object object]

GET
BLOB 200
OK 4b7a0d23-2733-4e7a-81c0-203731292523 Show response
https://www.thenewstribune.com/ 362 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/4b7a0d23-2733-4e7a-81c0-203731292523
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d89fcffc0f013b852144e04aa7a737bb546d07b34e548d8a4921ab04df726082

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 362
Content-Type: [object object]

GET
BLOB 200
OK 50f74b02-5ee7-4090-88e4-8087375d5f1a Show response
https://www.thenewstribune.com/ 323 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/50f74b02-5ee7-4090-88e4-8087375d5f1a
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949b0b9bf6768359f6f85d4b5c112de352e47a7f476f0f47c1574a1e26f3f8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 323
Content-Type: [object object]

GET
BLOB 200
OK 60a57e24-217d-4f21-b692-6346da6effc2 Show response
https://www.thenewstribune.com/ 313 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/60a57e24-217d-4f21-b692-6346da6effc2
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 830cac2a8908afc16e114cd8393040e1cf11977a968af0c0dd052d592868ea16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 313
Content-Type: [object object]

GET
BLOB 200
OK ea49ffe8-e799-47dc-bbf7-d6ebea1a396e Show response
https://www.thenewstribune.com/ 290 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ea49ffe8-e799-47dc-bbf7-d6ebea1a396e
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60c67b61c036e739d02f7ede3743012003c6bf06788c9fba601b65983c0a0ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 290
Content-Type: [object object]

GET
BLOB 200
OK 6f2b7ca8-c70b-40fa-b8d2-bb1ee9824584 Show response
https://www.thenewstribune.com/ 299 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/6f2b7ca8-c70b-40fa-b8d2-bb1ee9824584
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a6a1024807e3504d93d0fc26e07281450105e97e36169a178243b9856dad356

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 299
Content-Type: [object object]

GET
BLOB 200
OK 8dacd346-81f0-4c07-a66b-ee404f6dd56d Show response
https://www.thenewstribune.com/ 359 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/8dacd346-81f0-4c07-a66b-ee404f6dd56d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 650587719d00d216eff81b7a8feade391863ace124e282d62018b1df5fd75f92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 359
Content-Type: [object object]

GET
BLOB 200
OK 1be63eb8-e695-49a6-996b-8e0d1c35530a Show response
https://www.thenewstribune.com/ 313 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1be63eb8-e695-49a6-996b-8e0d1c35530a
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becd124e0894570d928778df3677413aa7c44cb86e63e4592ccb117d3f2a5b21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 313
Content-Type: [object object]

GET
BLOB 200
OK 2419f2e7-3f43-4225-83c9-3c53ae594066 Show response
https://www.thenewstribune.com/ 325 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/2419f2e7-3f43-4225-83c9-3c53ae594066
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 359ca6d9de759ae6cc10299b0952d454830da1b9f1109146dc4626685b898258

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 325
Content-Type: [object object]

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
153 B 231ms
231ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiI0NWFkOWZkNS0zNTQ4LTRlMmQtOGYzNy0yMDk4MTFmZWRjNjYiLCJ1c2VyX3Byb3BlcnRpZXMiOnsiYnVzaW5lc3NfdW5pdCI6IlROVCIsImNhbm9uaWNhbF91cmwiOiJodHRwczovL3d3dy50aGVuZXdzdHJpYnVuZS5jb20vIiwiY21zX2lkIjoiSG9tZXBhZ2U6NzEwMSIsImNvbnRlbnRfc2VydmljZSI6IlByb2R1Y3Q6IEVzY2VuaWMiLCJmdWxsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJwYWdlX2xldmVsIjoiSG9tZSIsInBhZ2VfbmFtZSI6IkhvbWU6SG9tZXBhZ2UiLCJwYWdlX3BhdGgiOiIvIiwicHVibGljYXRpb25fbmFtZSI6IlRoZSBOZXdzIFRyaWJ1bmUiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2VjdGlvbiI6IkhvbWVwYWdlIiwic2VydmVyIjoid3d3LnRoZW5ld3N0cmlidW5lLmNvbSIsInRheG9ub215IjoiX0hvbWVQYWdlfHx8fCIsInVybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8ifX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220079-HHN
date: Wed, 21 Dec 2022 02:21:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-timer: S1671589274.837901,VS0,VE209
x-amzn-trace-id: Root=1-63a26d99-1b91073509dbc47975fd73fa
vary: Origin, Origin
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-cache-hits: 0

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 3 KB
2 KB 551ms
240ms Fetch
application/json 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=4c502c7e-95fd-481e-991d-2ef62946485c

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

e94d05953e24fb7bb0feb46cd12039076bf8b019b7419115626873f79e5916c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: 4c502c7e-95fd-481e-991d-2ef62946485c
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.11.2:836cd9b5

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y6JtmQAAAH_v_wNn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=22915593495693395901934303105514401542
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y6JtmQAAAH_v_wNn

42 B
942 B

682ms
135ms

Image
image/gif

34.249.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y6JtmQAAAH_v_wNn

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

HTTP/1.1

Server

34.249.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0327f6936.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7OI2sPj/Qlk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y6JtmQAAAH_v_wNn
Date: Wed, 21 Dec 2022 02:21:13 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEMn6KVy5cYguYc9yygdA_rw&google_cver=1
dpm.demdex.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjI5MTU1OTM0OTU2OTMzOTU5MDE5MzQzMDMxMDU1MTQ0MDE1NDI=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjI5MTU1OTM0OTU2OTMzOTU5MDE5MzQzMDMxMDU1MTQ0MDE1NDI=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMn6KVy5cYguYc9yygdA_rw&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

759ms
141ms

Image
image/gif

34.249.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMn6KVy5cYguYc9yygdA_rw&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

HTTP/1.1

Server

34.249.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-28-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-08c859e6d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lpbbvf7KSXA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMn6KVy5cYguYc9yygdA_rw&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTZKdG1RQUZoaGRxaWdBbw==&_test=Y6JtmQAFhhdqigAo

170 B
188 B

35ms
32ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTZKdG1RQUZoaGRxaWdBbw==&_test=Y6JtmQAFhhdqigAo

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220068-HHN
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1671589274.753283,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTZKdG1RQUZoaGRxaWdBbw==&_test=Y6JtmQAFhhdqigAo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y6JtmQAAAkFqmgAo
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y6JtmQAAAkFqmgAo&expires=90&_test=Y6JtmQAAAkFqmgAo

0
239 B

109ms
22ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y6JtmQAAAkFqmgAo&expires=90&_test=Y6JtmQAAAkFqmgAo
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn-etou8220068-HHN
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1671589274.757347,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y6JtmQAAAkFqmgAo&expires=90&_test=Y6JtmQAAAkFqmgAo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6JtmQAFAnJLBgAe
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6JtmQAFAnJLBgAe&_test=Y6JtmQAFAnJLBgAe
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6JtmQAFAnJLBgAe&_test=Y6JtmQAFAnJLBgAe&C=1

43 B
766 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6JtmQAFAnJLBgAe&_test=Y6JtmQAFAnJLBgAe&C=1
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 02:21:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 02:21:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=Y6JtmQAFAnJLBgAe&_test=Y6JtmQAFAnJLBgAe&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

200

UH6TUt9n
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y6JtmQAADtFMhwAe

85 B
148 B

21ms
20ms

Image
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y6JtmQAADtFMhwAe
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220068-HHN
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 815
x-timer: S1671589274.889453,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 1319

Redirect headers

x-served-by: cache-hhn-etou8220068-HHN
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1671589274.643174,VS0,VE177
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y6JtmQAADtFMhwAe
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y6JtmQAAASfnVQAZ
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y6JtmQAAASfnVQAZ&_test=Y6JtmQAAASfnVQAZ

43 B
273 B

116ms
29ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y6JtmQAAASfnVQAZ&_test=Y6JtmQAAASfnVQAZ
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220068-HHN
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1671589274.770284,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y6JtmQAAASfnVQAZ&_test=Y6JtmQAAASfnVQAZ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BU...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6JtmQAAASfnZAAZ&_test=Y6JtmQAAASfnZAAZ

1 B
450 B

100ms
28ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6JtmQAAASfnZAAZ&_test=Y6JtmQAAASfnZAAZ
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 21 Dec 2022 02:21:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-hhn-etou8220068-HHN
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1671589274.779820,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y6JtmQAAASfnZAAZ&_test=Y6JtmQAAASfnZAAZ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

h0r58thg
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=Y6JtmQAAAEVmiwAp

85 B
179 B

24ms
20ms

Image
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=Y6JtmQAAAEVmiwAp
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220068-HHN
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 815
x-timer: S1671589274.779821,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 1318

Redirect headers

x-served-by: cache-hhn-etou8220068-HHN
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1671589274.659964,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=Y6JtmQAAAEVmiwAp
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

b.php
www.facebook.com/fr/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://sync-tm.everesttech.net/ct/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0&_test=Y6JtmQAFiANsYgAo
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y6JtmQAFiANsYgAo&t=2592000&o=0&_test=Y6JtmQAFiANsYgAo

43 B
553 B

108ms
50ms

Image
image/gif

2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y6JtmQAFiANsYgAo&t=2592000&o=0&_test=Y6JtmQAFiANsYgAo

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:21:14 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: 0jc7VOEZk2qAXKW4siDLHovtbJs1TltRw5NGR1zHl4r6M60w0q4W1SxUOzwHjYgcE2u13vknBuIJ+0NddXgF2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
cache-control: public, max-age=0
expires: Tue, 20 Dec 2022 18:21:14 PST

Redirect headers

x-served-by: cache-hhn-etou8220068-HHN
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1671589274.945669,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y6JtmQAFiANsYgAo&t=2592000&o=0&_test=Y6JtmQAFiANsYgAo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
BLOB 200
OK 121c6c6b-cb8c-4ae1-8047-d7079f914a35 Show response
https://www.thenewstribune.com/ 370 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/121c6c6b-cb8c-4ae1-8047-d7079f914a35
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 989452e4449bc3fbf39cf293bd39dc561a02f5e56eba451d16d11995937dc80a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 370
Content-Type: [object object]

GET
H2 200 pdp.gif
www.thenewstribune.com/ooizl-ynbs/ 42 B
384 B 364ms
364ms Image
image/gif 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/ooizl-ynbs/pdp.gif?k=eyJpZCI6Im1pX2FzX3RudF8yMjM5MzA3NjMxNDEyMDk4OTI5MTg3NTQyNDk4NTEzNjQzNzQyNV8xXzBfMTY3MTU4OTI3MzU1NiIsImRvbUludGVyYWN0aXZlIjozMDUyLCJyZXF1ZXN0U3RhcnQiOjI2MjF9
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 56774
content-length: 42
last-modified: Mon, 19 Dec 2022 14:02:19 GMT
server: MI
etag: "2a-5f02ec47950c0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 751577717 613986336
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
BLOB 200
OK eae28ddd-14e1-44ff-938c-57de6a326434 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/eae28ddd-14e1-44ff-938c-57de6a326434
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c5bf6b2240ae5d5a9f66ca1db2bb6d97e1712e28362e0b1fea61583f533289e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 784f1ed3-b143-48f9-8a7e-70ce68e6f8f8 Show response
https://www.thenewstribune.com/ Frame DF91 327 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/784f1ed3-b143-48f9-8a7e-70ce68e6f8f8
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 242013aa9859153b059201f37aa2f3ee54042ebdcd50b6ed96aa4a9d2ae5e4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 327
Content-Type: text/javascript

GET
BLOB 200
OK fffe4227-de28-48d0-86e5-217c6c0dfb9f Show response
https://www.thenewstribune.com/ Frame 18FE 344 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/fffe4227-de28-48d0-86e5-217c6c0dfb9f
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2535815833746fe6683a50cac72e5025b099db7b21e6a5b3896e01973c91050

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 344
Content-Type: text/javascript

GET
BLOB 200
OK 43a1a090-09ac-4d0f-ab15-9cf622597da6 Show response
https://www.thenewstribune.com/ Frame 7E95 642 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/43a1a090-09ac-4d0f-ab15-9cf622597da6
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2e14cb9b8fdd6c0d0385c77700342ebabc3f7e225aacc024cbf060154836a4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 642
Content-Type: text/javascript

GET
BLOB 200
OK f3252290-1212-4d84-ad0e-af9f984ce822 Show response
https://www.thenewstribune.com/ Frame 2D0C 433 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/f3252290-1212-4d84-ad0e-af9f984ce822
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a344d4c39d7f2c3be22d25f42778f132f3b154494dc03de8ca404f2d8ecc771c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 433
Content-Type: text/javascript

GET
BLOB 200
OK c497b8db-bc25-4d61-b490-cc3d7dd31077 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/c497b8db-bc25-4d61-b490-cc3d7dd31077
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 861800a5f92c43690112a0dd11d031424bd6972effad3221efab1df2528dab95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

OPTIONS
H2 200 6317514829112
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ Frame 0
0 83ms
20ms Preflight 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6317514829112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Wed, 21 Dec 2022 02:21:13 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220073-HHN
x-timer: S1671589274.726879,VS0,VE0

OPTIONS
H2 200 6317566375112
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ Frame 0
0 77ms
21ms Preflight 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6317566375112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Wed, 21 Dec 2022 02:21:13 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220073-HHN
x-timer: S1671589274.726879,VS0,VE0

OPTIONS
H2 200 6317562712112
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ Frame 0
0 73ms
22ms Preflight 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6317562712112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Wed, 21 Dec 2022 02:21:13 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220073-HHN
x-timer: S1671589274.727161,VS0,VE0

GET
H2 200 6317514829112 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ 6 KB
6 KB 25ms
23ms Fetch
application/json 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6317514829112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2c392b8be4a90abe27bb228727d79c85c572774a605d1d37e5f023e11ccf19db

Request headers

Accept: application/json;pk=BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

bc-override-client-ip: 89.163.242.73
date: Wed, 21 Dec 2022 02:21:13 GMT
powered-from: us-east-1b
bcov-request-id: 2daa2525-7a29-414a-8e1f-b40ce7324ea7
via: 1.1 varnish
age: 2383
policy-key-accountid: 5615998024001
x-cache: HIT
powered-by: BC
content-length: 6089
x-served-by: cache-hhn-etou8220073-HHN
policy-key-raw: BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
x-timer: S1671589274.750751,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 1

GET
H2 200 6317566375112 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ 7 KB
7 KB 24ms
23ms Fetch
application/json 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6317566375112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bc21cd63148182df5b237359c9a6c017f90f5dc3d3427684fef1c8011c221071

Request headers

Accept: application/json;pk=BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

bc-override-client-ip: 165.225.200.145
date: Wed, 21 Dec 2022 02:21:13 GMT
powered-from: us-east-1a
bcov-request-id: 8fa0580c-613f-4d97-a09b-4666bc14e441
via: 1.1 varnish
age: 4338
policy-key-accountid: 5615998024001
x-cache: HIT
powered-by: BC
content-length: 7398
x-served-by: cache-hhn-etou8220073-HHN
policy-key-raw: BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
x-timer: S1671589274.750962,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 1

GET
H2 200 6317562712112 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ 6 KB
6 KB 23ms
22ms Fetch
application/json 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6317562712112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 36e04bcb421a2adcdd0265b94a9c26b7b8efb84a2ef1094e012408c72ee2731a

Request headers

Accept: application/json;pk=BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

bc-override-client-ip: 43.157.109.195
date: Wed, 21 Dec 2022 02:21:13 GMT
powered-from: us-east-1b
bcov-request-id: e2fb4370-bf6a-4a83-bcde-577274392ccb
via: 1.1 varnish
age: 6514
policy-key-accountid: 5615998024001
x-cache: HIT
powered-by: BC
content-length: 6021
x-served-by: cache-hhn-etou8220073-HHN
policy-key-raw: BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
x-timer: S1671589274.750923,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 1

GET
H2 200 6317147089112 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ 8 KB
8 KB 162ms
161ms Fetch
application/json 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6317147089112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e1482b4682d8c319e429299882caefb8e5a1ef1f920e5d6ba94f37e1c018c1e0

Request headers

Accept: application/json;pk=BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

bc-override-client-ip: 217.114.215.131
date: Wed, 21 Dec 2022 02:21:13 GMT
powered-from: us-east-1a
bcov-request-id: 2e35147d-af81-401d-9c5f-c28bb91fb7c2
via: 1.1 varnish
age: 0
policy-key-accountid: 5615998024001
x-cache: MISS
powered-by: BC
content-length: 7723
x-served-by: cache-hhn-etou8220073-HHN
policy-key-raw: BCpkADawqM1wLoCFSLwIiCm7OVRi8nKw-7SLYxrVkjX4Oo0AgPpStoMJloK1GctDgzAwtzFhN1b36rVSJsCHx0xAVj8zX3aURNz-UuXqhAyz46a7byeXUZh9aVDNXab1WeYYnGWTAkat2yMs
x-timer: S1671589274.750929,VS0,VE141
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 0

OPTIONS
H2 200 6317147089112
edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/ Frame 0
0 69ms
21ms Preflight 151.101.66.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998024001/videos/6317147089112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Wed, 21 Dec 2022 02:21:13 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220073-HHN
x-timer: S1671589274.727008,VS0,VE0

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thenewstribune.com/ 66 KB
23 KB 92ms
25ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thenewstribune.com/p.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/eae28ddd-14e1-44ff-938c-57de6a326434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e2f603f1c3d380a4e66add278127064b269dcf63c203aea18eb166d3e54113bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Wed, 21 Dec 2022 01:19:31 GMT
content-encoding: gzip
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 18:59:58 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 3722
etag: W/"620d49ae-1070e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: xBD0YPiHp1DLFjQv3-s2pVxQ4qHa2u_76f63PvAxaevQMzhI7QhLqA==
expires: Thu, 22 Dec 2022 01:19:11 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/3749/ 90 KB
39 KB 134ms
25ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/3749/i.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/784f1ed3-b143-48f9-8a7e-70ce68e6f8f8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 65506e8cec16ec70de94523c92f3a9e2103c276cc1f33080c5276aacd49a2232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:04:06 GMT
content-encoding: gzip
via: 1.1 google
age: 1027
x-envoy-upstream-service-time: 3
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39810
server: istio-envoy
etag: 6d04c1f878e3af
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 18FE 4 KB
2 KB 88ms
22ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/fffe4227-de28-48d0-86e5-217c6c0dfb9f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 05:20:02 GMT
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 75672
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: evG8QRwdVVsYBDEUR23Ong0y0wjB0gif-RwdmPFClSR7aFyWkdyszQ==

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ Frame 7E95 7 KB
3 KB 81ms
23ms Script
application/javascript 184.24.21.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/43a1a090-09ac-4d0f-ab15-9cf622597da6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.21.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-21-142.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Date: Wed, 21 Dec 2022 02:21:13 GMT
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
Server: AmazonS3
x-amz-request-id: AZQK54AKFY0PJ8G7
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2663
x-amz-id-2: L0Rf6eF2QjJZMqCrTnaGL8Ek/B42QYYzgpVE7aAorf4gtAEGh6yZoNUoJvYOtIiUbvLlottVl+c=

GET
H3

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/10/ Frame 2D0C
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930801/all/ml.js?cb=1612
https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js

147 KB
43 KB

72ms
24ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H3
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 292ca9e09a900cde3c17a06720d49db893fc24582958ff8ebad02b22b1a5cbcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:24:35 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Nov 2022 21:50:54 GMT
server: nginx
age: 21399
etag: "df0f26567e618c28df8235fe9b93c4ef"
vary: Accept-Encoding
x-cache: HIT Sun, 18 Dec 2022 06:15:12 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43649

Redirect headers

date: Wed, 21 Dec 2022 02:21:13 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 3-gc-europe-west6-8j340949

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 536 KB
149 KB 130ms
28ms Script
application/x-javascript 88.221.169.59
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/c497b8db-bc25-4d61-b490-cc3d7dd31077
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-59.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 02:21:13 GMT
Content-Encoding: gzip
x-amz-request-id: 024KYDC99A6114MY
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 7tE+2CMLDD5BNDBqi1qfF94IVqOEVgapt9i7xklf+fhUWOnQyKQ4BAQZIhCTAtoLRKRXvzg49nM=
Last-Modified: Fri, 16 Dec 2022 21:32:35 GMT
Server: AmazonS3
ETag: "4f9f244a6d1c98dafe98c9b8b18b1fbb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 221212%20cb%20all-area%202022%20portraits_19.JPG
www.thenewstribune.com/latest-news/yssvfm/picture269911377/alternates/FREE_1140/ 95 KB
96 KB 26ms
25ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/yssvfm/picture269911377/alternates/FREE_1140/221212%20cb%20all-area%202022%20portraits_19.JPG
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 152131a6267a21f10489e687d5f7e48ac8eefc54db6a978d6cd0d8ea4e148650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 231789
content-length: 97219
last-modified: Mon, 12 Dec 2022 22:07:05 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "6f65f1efb00a0db076d0a5931668cb3f"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 243565812, 534120893 742032277
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=135232
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 pipes%20(2)
www.thenewstribune.com/news/local/xmlxl6/picture124045269/alternates/FREE_1140/ 192 KB
193 KB 33ms
33ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/news/local/xmlxl6/picture124045269/alternates/FREE_1140/pipes%20(2)
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8b77f571208a0eb6891d6e3e3abb22802b57c0f1efc364215a955ab9d7cab282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 257462
content-length: 196771
last-modified: Tue, 03 Jan 2017 15:58:54 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "b06f43dae9cbcbc020049c812fc338a5"
mi-cache: MISS
access-control-max-age: 86400
x-varnish: 802656640 189826180, 756778398
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=305076
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 GettyImages-1299898661.jpg
www.thenewstribune.com/latest-news/anw7s3/picture262738547/alternates/FREE_320/ 10 KB
11 KB 32ms
32ms Image
image/jpeg 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/anw7s3/picture262738547/alternates/FREE_320/GettyImages-1299898661.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2c209cd92b9532c63ed800dc6e82cc54ee5c860603cfc3940c00084203fc81f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 34926
content-length: 10695
last-modified: Tue, 21 Jun 2022 21:01:11 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "51fae0116782e843ac80b624390dd45d"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 760776544 715955507
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=562495
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 238 Show response
n817.thenewstribune.com/DG/DEFAULT/rest/rpc/ 7 KB
3 KB 396ms
389ms XHR
application/json 2600:9000:2491:c800:16:f649:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n817.thenewstribune.com/DG/DEFAULT/rest/rpc/238?referer=https%3A%2F%2Fwww.thenewstribune.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-12-21T02%3A21%3A13%2B00%3A00&ts=1671589273760

Requested by

Host: n817.thenewstribune.com
URL: https://n817.thenewstribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:c800:16:f649:1500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

4eafe527720a57f38f56582f14808a90af591621f7c37b6aee22c6524f479531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1576
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 8yZV-RUVq1GSfl_zg0Djsv4oWY7GBxYHDWL9Iw7Dbmz1Dkg4apKBTw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/7192fbc2-a9b1-4a6f-ae7c-6f7f515d53dc/40ac7aab-1009-484a-a54b-7f8993259d6b/1280x720/match/ 0
0

GET
H/1.1 200
OK play-button.png
s3.amazonaws.com/cdn.jukeboxu.com/brightcove/nextgen/buttons/ 9 KB
9 KB 355ms
132ms Image
image/png 52.217.65.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.jukeboxu.com/brightcove/nextgen/buttons/play-button.png
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.65.78 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 45f08f27c7337d189e8c31e635b5d0a0781b273131135cd77ee8b6f12366e7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 02:21:15 GMT
x-amz-version-id: null
Last-Modified: Wed, 22 Apr 2015 01:47:56 GMT
Server: AmazonS3
x-amz-request-id: TRD9CEWZK27DSZA7
ETag: "182516d4ba61695d505ca0bd246f63fb"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8810
x-amz-id-2: 32DwJrGoNaYyT/wJS1c3A6n7frQEGBmKNbmLhuQimmu3ItGmJYmFCqnkAwTkCZjd90EdiDQtzAI=

GET image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/8d55dfe8-630f-4b7d-8f32-301469879db5/5810e08b-6a65-49d5-927c-c7996520926a/1280x720/match/ 0
0

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/8d55dfe8-630f-4b7d-8f32-301469879db5/5810e08b-6a65-49d5-927c-c7996520926a/1280x720/match/ 208 KB
209 KB 24ms
24ms Image
image/jpeg 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/8d55dfe8-630f-4b7d-8f32-301469879db5/5810e08b-6a65-49d5-927c-c7996520926a/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 30d47a6c910e4ef2a4434903a30f1f289c008551250fc6bd2c70651e0761705a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 23:45:34 GMT
Via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 9339
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: RhtR8aUISy590SSKrMpFBeBvCaO2Sy5L80ip3lLsPHxV0Bb42Dd1OA==
Expires: Wed, 20 Dec 2023 23:45:34 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/7192fbc2-a9b1-4a6f-ae7c-6f7f515d53dc/40ac7aab-1009-484a-a54b-7f8993259d6b/1280x720/match/ 228 KB
228 KB 21ms
21ms Image
image/jpeg 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/7192fbc2-a9b1-4a6f-ae7c-6f7f515d53dc/40ac7aab-1009-484a-a54b-7f8993259d6b/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 9de8287131e2598e3407c73ce9501c58797c1c8180e729b8420e6ea793654ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 23:17:02 GMT
Via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 11051
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: QU2z07WdpoY2dJaDqRFF2VxWynoHhmfhAFRAG24BrbHijbQqRovj_g==
Expires: Wed, 20 Dec 2023 23:17:02 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/7192fbc2-a9b1-4a6f-ae7c-6f7f515d53dc/40ac7aab-1009-484a-a54b-7f8993259d6b/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 9de8287131e2598e3407c73ce9501c58797c1c8180e729b8420e6ea793654ad8

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 23:30:51 GMT
Via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 10222
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: Ru54mg2UzeHLdw0EcWVXU_HVeNyCoM4zlvBWuMAe63jZco1AlhSkxg==
Expires: Wed, 20 Dec 2023 23:30:51 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/8d55dfe8-630f-4b7d-8f32-301469879db5/5810e08b-6a65-49d5-927c-c7996520926a/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 30d47a6c910e4ef2a4434903a30f1f289c008551250fc6bd2c70651e0761705a

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 00:09:04 GMT
Via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 7929
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: byb6gFR84J6gExzJOUVw3Xlp708MOgjhdgFMmQlt--JKiWWjMvF-bg==
Expires: Thu, 21 Dec 2023 00:09:04 GMT

OPTIONS
H/1.1 200
OK 6317562712112
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ Frame 0
0 1710ms
139ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6317562712112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-forwarded-host
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.thenewstribune.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Length: 0
Date: Wed, 21 Dec 2022 02:21:15 GMT
Vary: X-Forwarded-Host

GET
H/1.1 200
OK 6317562712112 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ 14 KB
15 KB 252ms
252ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6317562712112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: aef582d4ee037e108e56f1442cf924b774f53206e4837fb8ade115ccc1e444cc

Request headers

Referer: https://www.thenewstribune.com/
X-Forwarded-Host: www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 02:21:15 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.thenewstribune.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

GET image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/0521bdfb-55d5-47dd-a3a5-6190dac8ae2e/3b1d27d3-6fe0-4573-bc2e-48bcbf2e17a5/1280x720/match/ 0
0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/0521bdfb-55d5-47dd-a3a5-6190dac8ae2e/3b1d27d3-6fe0-4573-bc2e-48bcbf2e17a5/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: ab80009b4b89bde5dad1b4ddfeceb50398e60997afc7bd6d5d29267b8dd21544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 23:00:49 GMT
Via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 12024
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: zd5waBrJ4cQnrN0qyuQC-P4A7XrWuMQZArR8F17FHKh9Pob3yQCapw==
Expires: Wed, 20 Dec 2023 23:00:49 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/0521bdfb-55d5-47dd-a3a5-6190dac8ae2e/3b1d27d3-6fe0-4573-bc2e-48bcbf2e17a5/1280x720/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videojs.bundle-26bbe163dc0ffee5eac7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: ab80009b4b89bde5dad1b4ddfeceb50398e60997afc7bd6d5d29267b8dd21544

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 23:30:50 GMT
Via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 10223
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: CfcJRMY5jdnHDpvPwuAKCe2srpQStFAnNiqIWwWsrfgZRZHLWR4-cg==
Expires: Wed, 20 Dec 2023 23:30:50 GMT

OPTIONS
H/1.1 200
OK 6317514829112
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ Frame 0
0 1676ms
133ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6317514829112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-forwarded-host
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.thenewstribune.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Length: 0
Date: Wed, 21 Dec 2022 02:21:15 GMT
Vary: X-Forwarded-Host

GET
H/1.1 200
OK 6317514829112 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ 16 KB
16 KB 293ms
292ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6317514829112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: b38316b8854856c90a7249b74cd6c67c0c9980395d726089ccecedd64e0cbac5

Request headers

Referer: https://www.thenewstribune.com/
X-Forwarded-Host: www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 02:21:15 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.thenewstribune.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 116 KB
27 KB 90ms
35ms Script
text/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ad57ff1ca593f8f82e3d0c022fdfeecbce3c5e487d10e73b0c26fca3b94db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 02:09:18 GMT
server: cloudflare
x-amz-request-id: PJCMSCBEY1CDXRBS
age: 317
etag: W/"bc7cf91863231c98e2b6b602d1ddb7fe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 77cd24a2ab409000-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: S5PDmlrtF8UfA2EwntnUGhiVDlu8c8HwHskn6Og0QU13UxmRl96Za3rEn7DaEPtzxBtqD4OY92k=

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/ 4 KB
2 KB 84ms
21ms Script
text/javascript 18.66.97.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/launchpad-liveramp.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-43.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e209665ef10fbcc77c20dd867a90137fb6b9bc60c329902c4965a54d2e0991e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 47QRCxTQt2e9qy4D96IcAsdRmh05c1m5
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
date: Wed, 21 Dec 2022 00:28:00 GMT
x-amz-cf-pop: FRA56-P2
age: 6795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Tue, 15 Nov 2022 16:44:12 GMT
server: AmazonS3
etag: W/"73a56538e9ed017baf947221f1265765"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: eBY46K7OBSoVhysDv249tgB1d2VzZif_1eGTbXUurG7nXc9fTUR-wg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 96ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
server: sffe
etag: "1427 / 640 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 21 Dec 2022 02:21:14 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 91ms
32ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:21:57 GMT
content-encoding: gzip
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 17:02:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 3558
x-amz-server-side-encryption: AES256
etag: W/"9678e76b6e6295571547f8fe5df68b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: dB3rQ_8cxDA1yl8TEqme7gn-ADET2WX-44NHrxAS-rsphrHwlmOM8g==

POST
H2 200 pixel_49b178ea Show response
www.thenewstribune.com/akam/13/ 0
784 B 27ms
26ms XHR
text/html 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/13/pixel_49b178ea
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/akam/13/49b178ea
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:13 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Wed, 21 Dec 2022 02:21:13 GMT

OPTIONS
H/1.1 200
OK 6317566375112
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ Frame 0
0 1648ms
133ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6317566375112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-forwarded-host
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.thenewstribune.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Length: 0
Date: Wed, 21 Dec 2022 02:21:15 GMT
Vary: X-Forwarded-Host

GET
H/1.1 200
OK 6317566375112 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ 18 KB
18 KB 238ms
237ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6317566375112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: 6aa726e75228ac6cf59c93e23a1b5438925f0375514c11427ed31f97cefacee4

Request headers

Referer: https://www.thenewstribune.com/
X-Forwarded-Host: www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 02:21:15 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.thenewstribune.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

GET
BLOB 200
OK 0d85fe9d-8a55-4eea-ac87-d8d05b68d171
https://www.thenewstribune.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0d85fe9d-8a55-4eea-ac87-d8d05b68d171
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 5543
Content-Type: application/javascript

GET
BLOB 200
OK b0f977ed-596f-4745-90ef-e184520423a0
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b0f977ed-596f-4745-90ef-e184520423a0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
BLOB 200
OK 04d8f4f3-02d2-4864-be18-827d9b068b9c
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/04d8f4f3-02d2-4864-be18-827d9b068b9c
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
H3 200 bridge3.549.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B533 693 KB
222 KB 66ms
21ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 218130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 13:45:43 GMT
expires: Mon, 18 Dec 2023 13:45:43 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 89ms
30ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 02:21:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 82ms
31ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thenewstribune.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
BLOB 200
OK 5db134cf-5de3-4afb-b750-e0bd276d825a
https://www.thenewstribune.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/5db134cf-5de3-4afb-b750-e0bd276d825a
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 5543
Content-Type: application/javascript

GET
BLOB 200
OK 48dd5d21-e1ec-4ef9-b7d8-e4699d0d88bb
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/48dd5d21-e1ec-4ef9-b7d8-e4699d0d88bb
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
BLOB 200
OK a218f431-6597-4204-8c54-1081bee7aafc
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a218f431-6597-4204-8c54-1081bee7aafc
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 197ms
46ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1671589273943&plid=50546203&idsite=thenewstribune.com&url=https%3A%2F%2Fwww.thenewstribune.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.thenewstribune.com%2F&sref=&sts=1671589273940&slts=0&title=Tacoma+WA+Breaking+News%2C+Crime+%26+More+%7C+Tacoma+News+Tribune&date=Wed+Dec+21+2022+02%3A21%3A13+GMT%2B0000+(GMT)&action=pageview&pvid=39271284&u=pid%3D7b3ed65ba140481b96ed15c800429705
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 02:21:14 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 21-Dec-2022 02:21:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 bridge3.549.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3651 693 KB
222 KB 23ms
22ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 218130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 13:45:43 GMT
expires: Mon, 18 Dec 2023 13:45:43 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 640afddf-e7bd-4020-b2f3-2faec5793f17
https://www.thenewstribune.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/640afddf-e7bd-4020-b2f3-2faec5793f17
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 5543
Content-Type: application/javascript

GET
BLOB 200
OK 4fe3024b-af35-42ed-bec7-2e7b86835653
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/4fe3024b-af35-42ed-bec7-2e7b86835653
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
BLOB 200
OK 78461819-f065-4309-a44e-35c3b3306e9b
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/78461819-f065-4309-a44e-35c3b3306e9b
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
H3 200 bridge3.549.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8672 693 KB
222 KB 36ms
35ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 218130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 13:45:43 GMT
expires: Mon, 18 Dec 2023 13:45:43 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ Frame 18FE 0
191 B 22ms
22ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b3&cv=3.8.0.210223&ns__t=1671589274001&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.thenewstribune.com%2F&c8=Tacoma%20WA%20Breaking%20News%2C%20Crime%20%26%20More%20%7C%20Tacoma%20News%20Tribune&c9=https%3A%2F%2Fwww.thenewstribune.com%2F
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: aAgH-TnME87dCDE77PV__EtZPhKeg4TWMG_EZVyxLB8gv42mkxdrXw==
x-cache: Miss from cloudfront

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ Frame 7E95 0
138 B 68ms
20ms XHR
text/plain 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=7207FBD094612006-8158B17CA290A6E3&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=22393076314120989291875424985136437425&_les_url=https%3A%2F%2Fwww.thenewstribune.com%2F
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 21 Dec 2022 02:21:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1671589274.062896,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220068-HHN

GET
H2 200 main_e2d6c32b895aee0a3860d165f6afbb7b.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 379 KB
74 KB 176ms
22ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3749/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ae4ebf47a893af26c9f146af0f337b50b181a99d0aaf217caa42b287e75d42b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 20:12:32 GMT
content-encoding: br
age: 281322
x-guploader-uploadid: ADPycdukiSrgwOJPnGxY8r3AXmrYzNbYuh3GKRUgdxI3AW0-LPw5NAhnLSq3t6XxqamvlDknG3hIkoDGH5M9hpJwof0aVA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75123
last-modified: Wed, 14 Dec 2022 17:19:50 GMT
server: UploadServer
etag: "ae0c630651f2edbbfaf49175a5cc0715"
x-goog-generation: 1671038390377872
x-goog-hash: crc32c=tKYxog==, md5=rgxjBlHy7bv69JF1pcwHFQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 75123
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 17 Dec 2023 20:12:32 GMT

GET
H2 200 cjs_min_62f4846d97d6cffa05fd709123de3ea8.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 46 KB
15 KB 196ms
46ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3749/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9366be9dc7f0c13655e2a45ce1df32f55b937efc0878b30954969c88151f1482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 21:25:03 GMT
content-encoding: gzip
age: 1054571
x-guploader-uploadid: ADPycdspR83unVlNrLq6bv0OnRnCEJ2aUuMhoNtjq_rQu0icjTD7sOJt0HgHQ44GWytVaY6Jxv6fCeHJ84X4qR54Mbo0Ew
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15082
last-modified: Thu, 08 Dec 2022 21:24:53 GMT
server: UploadServer
etag: "02aa3508d07729296f81673e76733b97"
x-goog-generation: 1670534693607850
x-goog-hash: crc32c=NV2AHw==, md5=Aqo1CNB3KSlvgWc+dnM7lw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15082
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 08 Dec 2023 21:25:03 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/0c5752c1-718e-4582-8747-be95cfda60bf/main/1280x720/1m32s725ms/match/ 77 KB
78 KB 21ms
21ms Image
image/jpeg 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/0c5752c1-718e-4582-8747-be95cfda60bf/main/1280x720/1m32s725ms/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: c3250dddede58f7f19d690ea9b8dc8285a4ee533d29cfaa5bfe5bcb833f61501

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 18:55:38 GMT
Via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 458736
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: Lc5uNRYgxdARkYO1oCdjB63VmKtehNhNbXf0o2uDz8KFaIFDkvObjg==
Expires: Fri, 15 Dec 2023 18:55:38 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 168ms
56ms Script
text/javascript 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.thenewstribune.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 335bbe8921bc8b8c1216d534a510b15dad02045931d80b982d5948cc78b6e6d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: gzip
server: nginx/1.12.1
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 719
expires: Mon, 1 Jan 1990 12:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/0c5752c1-718e-4582-8747-be95cfda60bf/main/1280x720/1m32s725ms/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: c3250dddede58f7f19d690ea9b8dc8285a4ee533d29cfaa5bfe5bcb833f61501

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 13:01:24 GMT
Via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 479990
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: JHs8zTOpyo3BYzLBNeYNVR9zjcPIszHw0UFkLLfWq-jz2LB9vH8nxw==
Expires: Fri, 15 Dec 2023 13:01:24 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998024001/0c5752c1-718e-4582-8747-be95cfda60bf/main/1280x720/1m32s725ms/match/image.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: c3250dddede58f7f19d690ea9b8dc8285a4ee533d29cfaa5bfe5bcb833f61501

Request headers

Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 18:55:38 GMT
Via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Powered-From: gantry
X-Powered-By: BC
Age: 458736
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: HPgbuf0ukwzkZLDxy0_xFRUgJAUJoYTg_gP0BoLxUZt5aOfncQgcUg==
Expires: Fri, 15 Dec 2023 18:55:38 GMT

OPTIONS
H/1.1 200
OK 6317147089112
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ Frame 0
0 1377ms
135ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6317147089112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-forwarded-host
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.thenewstribune.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Length: 0
Date: Wed, 21 Dec 2022 02:21:15 GMT
Vary: X-Forwarded-Host

GET
H/1.1 200
OK 6317147089112 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/ 17 KB
17 KB 267ms
267ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/thenewstribune/related/6317147089112
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: d87a8b154b35ddff22ef7aba504fea8d1d60e95066656cc98ecdf539c1a49756

Request headers

Referer: https://www.thenewstribune.com/
X-Forwarded-Host: www.thenewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 02:21:15 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.thenewstribune.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

GET
H2 200 2b39eb9cc9f1a0e6fa66a4881911e136 Show response
n817.thenewstribune.com/plugin/plugin/ 30 KB
8 KB 23ms
23ms Script
text/javascript 2600:9000:2491:c800:16:f649:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n817.thenewstribune.com/plugin/plugin/2b39eb9cc9f1a0e6fa66a4881911e136

Requested by

Host: n817.thenewstribune.com
URL: https://n817.thenewstribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:c800:16:f649:1500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

2f8bb74f2466ad1f2740c7901695e0c4d90aa57f32cd9bcdcd5351e0a1fdf1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
age: 126973
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 7379
x-xss-protection: 1; mode=block
last-modified: Sun, 18 Dec 2022 15:05:01 GMT
server: -
etag: 2b39eb9cc9f1a0e6fa66a4881911e136
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: wFpYfgyJ5edNMZu0uFMWiwKOKn2lHY9mFS3pzn6L5poQNaf5EJGsMg==
expires: Tue, 19 Dec 2023 15:05:01 GMT

GET
BLOB 200
OK fc706f23-cbbe-48f3-873d-624955dcd874
https://www.thenewstribune.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/fc706f23-cbbe-48f3-873d-624955dcd874
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 5543
Content-Type: application/javascript

GET
BLOB 200
OK b656fc33-e5e7-40f5-8944-73d81023f0e7
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b656fc33-e5e7-40f5-8944-73d81023f0e7
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
BLOB 200
OK cbd603f9-e925-4305-b400-0d612f3083cd
https://www.thenewstribune.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/cbd603f9-e925-4305-b400-0d612f3083cd
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame 2D0C 43 B
245 B 524ms
115ms Image
image/gif 34.224.131.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&hier=_HomePage&ptype=homepage&pubname=The%20News%20Tribune&sec=Homepage&tv=js-3.0.160&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=10&tvcfg=all&tid=1ed13475-24d0-43aa-8efc-366d8d384a57&pid=37de7485-80b9-4062-acd0-682077198219&dtm=1671589274312&qnm=_matherq&visible=1&tabid=41806a3d-f941-4dfa-8902-5c6ca65eebfe&refr=https%3A%2F%2Fwww.thenewstribune.com%2F&url=https%3A%2F%2Fwww.thenewstribune.com%2F&vrefr=https%3A%2F%2Fwww.thenewstribune.com%2F&vp=0x0&ds=0x0&tofa=1671589274&vid=1&lvidt=1671589274&duid=f1b0187b-a65f-4e6b-bca3-37b28cd061e2&fp=983239506&cid=ma12095&mrk=74930801&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3MTU4OTI3MDIxMiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMy4xbWIiLCJoZWFwVCI6IjM5LjZtYiIsImZzdFBhaW50IjoiMjg2OSIsImZldGNoUyI6IjIzODAiLCJkb21haW5TIjoiMjM4MiIsImRvbWFpbkUiOiIyNTUxIiwiY29ublMiOiIyNTUxIiwiY29ubkUiOiIyNjIxIiwic3NsUyI6IjI1NzIiLCJyZXF1UyI6IjI2MjEiLCJyZXNwUyI6IjI2NTIiLCJyZXNwRSI6IjI2NzQiLCJkb21Mb2FkIjoiMjY2MiIsImRvbUludGVyIjoiMzA1MiIsImRvbUxvYWRTIjoiMzMxMSIsImRvbUxvYWRFIjoiMzMyMyJ9fQ
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-131-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Wed, 21 Dec 2022 02:21:14 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 bridge3.549.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FD2D 693 KB
222 KB 22ms
21ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 218131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 13:45:43 GMT
expires: Mon, 18 Dec 2023 13:45:43 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 74ms
31ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thenewstribune.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202212121148/ 210 KB
66 KB 82ms
35ms Script
application/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 16:50:50 GMT
server: cloudflare
x-amz-request-id: 79PRN948QHVRQ22A
age: 718117
etag: W/"a295e934190c6de7fe47fed7fbac382f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77cd24a4ee70bbd9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UoElqZ9r5EnIMcfDbeK21DiamGYKttzalAecoX/zJcbRyRQPod5CeHSuH49Dfe78YsFElLb1zic=

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
9 KB 282ms
89ms Script
application/x-javascript 13.226.2.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.2.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-2-111.tlv50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: gzip
via: 1.1 49b0a784530e09f22671459cadc376ba.cloudfront.net (CloudFront)
date: Wed, 21 Dec 2022 01:23:24 GMT
x-amz-cf-pop: TLV50-C1
age: 3471
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: 1QqAbACXmIuTa2VaCJCdFHXtOMeGOJildnZDcjQhxYmaHEqPzspVvw==

GET
H3 200 pubads_impl_2022120601.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 69ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 19:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132161
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:39:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Dec 2023 19:29:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 390 B
191 B 74ms
30ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thenewstribune.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58c1c5f33f3cabdf3ec6997934a5dbb6527717d8d406e0037d08acddfa9807b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166
x-xss-protection: 0
expires: Wed, 21 Dec 2022 02:21:14 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 78ms
29ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
date: Tue, 20 Dec 2022 04:49:19 GMT
x-amz-cf-pop: FRA56-C2
age: 77516
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: vNAsehE2J4UwA6KDzx6UfoP_htMv6PoGokUbYFMgQqVAMyPq_iioyQ==

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 587 B
419 B 174ms
173ms Fetch
application/json 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=e752f336-50e2-4f96-a890-1b0745f8b24d

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

27ee88fba4383c650fbad29f4831e3ea3e50723ec500fe42958171d9cec25401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 21 Dec 2022 02:21:13 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: e752f336-50e2-4f96-a890-1b0745f8b24d
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.11.2:836cd9b5

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 522 B
405 B 210ms
209ms Fetch
application/json 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=9015d578-3842-496e-adaa-b0be30714967

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

d1de19641ab7735cfc5a743ffe50f62b10f77765e24ade9c5ddf1cbdb336b184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: 9015d578-3842-496e-adaa-b0be30714967
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.11.2:836cd9b5

GET
H3 200 inbox_dbcafa82ba21334528d547ee82a14869.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 73 KB
19 KB 78ms
33ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox_dbcafa82ba21334528d547ee82a14869.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c56617b3dabcfa00d7b20aa2b2e76ff3f4483fb67abb4bdcef754d617617d537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 21:04:58 GMT
content-encoding: br
age: 1660576
x-guploader-uploadid: ADPycdusp1xU4yBXhebRbVL-u30uw9QlcZ9Ugu5vQN-ndE5UQcKY7arDyIcCP-Ax6nGpO97SFicLLwJiHhkdd024jHLV_w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19212
last-modified: Thu, 01 Dec 2022 21:04:45 GMT
server: UploadServer
etag: "b3024b00232fa083e1e1ad8aee0aef0b"
x-goog-generation: 1669928685364358
x-goog-hash: crc32c=QpYP6Q==, md5=swJLACMvoIPh4a2K7grvCw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19212
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 01 Dec 2023 21:04:58 GMT

GET
H3 200 onsite_d77202ee63f46daf80998ccf300f48a4.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 161 KB
34 KB 68ms
23ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_d77202ee63f46daf80998ccf300f48a4.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 97cee0b4094231f93a768249e8a3b8b084bf9ada186680f9f5d9dd7fdc1cbc52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 19:36:04 GMT
content-encoding: br
age: 715510
x-guploader-uploadid: ADPycdvZ7j1QLL-kbuyz5nTFAsuW3Slit3e9o9XUyGkHtyT0CO43OxPINL8KXG-KXgYrZ-KT_acAUZbuIy88sYpIArsPaQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34874
last-modified: Mon, 12 Dec 2022 19:36:01 GMT
server: UploadServer
etag: "a9ed059d293c786c02fb0f9ca25c4f12"
x-goog-generation: 1670873761420375
x-goog-hash: crc32c=OPCM4A==, md5=qe0FnSk8eGwC+w+colxPEg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 34874
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 12 Dec 2023 19:36:04 GMT

GET
H3 200 ads_12036d8507211f5a6513c50cdcd2188e.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 370 KB
69 KB 86ms
41ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads_12036d8507211f5a6513c50cdcd2188e.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7f1b16eaedbed2350b3f7f27dff10f5fbbce59bcd490b57f553dc638e0999143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 17:20:04 GMT
content-encoding: br
age: 550870
x-guploader-uploadid: ADPycduCBhhck5yQS1lWl0g8EkRh0gLx55AtvA0Umai_Y7FEzcr68I2UIr5iFQp3o9OdVu2FlSCUIRyF4IeKE1WMXuXzdQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70338
last-modified: Wed, 14 Dec 2022 17:19:41 GMT
server: UploadServer
etag: "619c57a9563094b124e4bd07c0f57b65"
x-goog-generation: 1671038381010085
x-goog-hash: crc32c=TosGwQ==, md5=YZxXqVYwlLEk5L0HwPV7ZQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 70338
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 14 Dec 2023 17:20:04 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 52ms
52ms Image
image/gif 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=5100178&ntv_pl=1092954
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:14 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 51ms
50ms Image
image/gif 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=9373f727-f3b9-42d7-a185-f99137d4c48b&ntv_fl=aiKFO5BQmNlpJWOY5E-s2QR8pMh2mCVbW-xvMZq4kDSm4iWXqKfnzjH0L91tJiZGdPIBhGCqcPLipPYhWXiV3bB7ivOyqG3QupmxI41dCVEJAsWp0WgREqLrr1a4XcP6IpL2hNeeDAgVsxAYEWvAMDuPyzpl71Uecl9laUVG3vEbzYb-eeVp2dzXOdlIJH_Z&ntv_ht=mm2iYwA&ntv_at=303,302&ntv_a=AAAAAAAAAAWq0QA&ord=1671589274544&ntv_it
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:14 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 51ms
51ms Image
image/gif 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092954&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:14 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B533 3 KB
2 KB 137ms
57ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.thenewstribune.com%2F&correlator=3109709725039657&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FTAC.site_thenewstribune%2F_HomePage&hl=en&cmsid=2476245&description_url=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Fnfl%2Fseattle-seahawks%2Farticle270256592.html&vid_t=DK%20Metcalf%20on%20rare%20game%20without%20Tyler%20Lockett%20in%20the%20Seahawks%E2%80%99%20offense%2C%20Geno%20Smith%E2%80%99s%20consistently%20catchable%20passes&vid=6317562712112&cust_params=sec_sect%3D26389%2C7103%2C26329%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=p&ctv=0&mpt=videojs-ima&mpv=2.0.0&sdki=445&ptt=20&adk=3438072188&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Fwww.thenewstribune.com%2F115ef43e-91cd-446d-8ae2-87b89d567333&sid=6194BC8C-FBD3-4C26-A898-6FF28C4CAC12&nel=0&eid=44748969%2C44765701&dlt=1671589272874&idt=1415&dt=1671589274555&cookie_enabled=1&scor=226259067396439&ged=ve4_td1_tt0_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aff7b119bcfdca1284aef4881d39e32b2a4598e920c698f88c31a5c6494ca251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 973
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3651 3 KB
1 KB 140ms
65ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.thenewstribune.com%2F&correlator=851891859962009&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FTAC.site_thenewstribune%2F_HomePage&hl=en&cmsid=2476245&description_url=https%3A%2F%2Fwww.thenewstribune.com%2Fnews%2Farticle270216052.html&vid_t=Watch%3A%20Eagle%20carries%20goose%20in%20flight%20near%20Wanapum%20Dam&vid=6317514829112&cust_params=sec_sect%3D26164%2C7103%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.0.0&sdki=445&ptt=20&adk=123734905&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Fwww.thenewstribune.com%2F637718a4-7164-47fa-9904-4c75352b15d3&sid=6194BC8C-FBD3-4C26-A898-6FF28C4CAC12&nel=0&eid=44748969%2C44765701&dlt=1671589272874&idt=1372&dt=1671589274560&cookie_enabled=1&scor=3738307755882997&ged=ve4_td1_tt0_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

862cc29647e2bfc9567191b9475cda431dcaf80f556578d21cea3dbee24da5f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 969
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8672 3 KB
1 KB 128ms
58ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.thenewstribune.com%2F&correlator=1990461297598873&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FTAC.site_thenewstribune%2F_HomePage&hl=en&cmsid=2476245&description_url=https%3A%2F%2Fwww.thenewstribune.com%2Fsports%2Fnfl%2Fseattle-seahawks%2Farticle270257412.html&vid_t=Pete%20Carroll%3A%20Doctors%20told%20Seahawks%20Tyler%20Lockett%E2%80%99s%20hand%20surgery%20was%20%E2%80%98perfect%2C%E2%80%99%20quick%20return%20is%20possible&vid=6317566375112&cust_params=sec_sect%3D26389%2C7103%2C26329%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=p&ctv=0&mpt=videojs-ima&mpv=2.0.0&sdki=445&ptt=20&adk=3331662890&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Fwww.thenewstribune.com%2Fac70464d-fe95-4b62-9d6a-d9ed235db21c&sid=6194BC8C-FBD3-4C26-A898-6FF28C4CAC12&nel=0&eid=44748969%2C44765701&dlt=1671589272874&idt=1359&dt=1671589274566&cookie_enabled=1&scor=1920901942869809&ged=ve4_td1_tt0_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7a55fcb0644fa21a25cb41dc6e9075f791b1137338ded288f45e844311eb095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 976
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3cd72a5d1e37179772788b51f4f83e54 Show response
n817.thenewstribune.com/plugin/library/ 4 KB
2 KB 23ms
23ms Script
text/javascript 2600:9000:2491:c800:16:f649:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n817.thenewstribune.com/plugin/library/3cd72a5d1e37179772788b51f4f83e54

Requested by

Host: n817.thenewstribune.com
URL: https://n817.thenewstribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:c800:16:f649:1500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

4ec6e20e8d8fbe9338d338befc0c6485e9338c8c3eaf24ab594d189f5f86af55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 21:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
age: 1746290
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1699
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Nov 2022 21:16:24 GMT
server: -
etag: 3cd72a5d1e37179772788b51f4f83e54
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: KJ3kntD70vVrSAcIktk0pInoi7W1c7dbjDiOT6gOQ5C6V23oEiUPFg==
expires: Thu, 30 Nov 2023 21:16:24 GMT

POST
H2 200 LB-Zone-1 Show response
n817.thenewstribune.com/DG/DEFAULT/rest/rpc/238/ 989 B
1 KB 393ms
392ms XHR
application/json 2600:9000:2491:c800:16:f649:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n817.thenewstribune.com/DG/DEFAULT/rest/rpc/238/LB-Zone-1?referer=https%3A%2F%2Fwww.thenewstribune.com%2F&bcsessionid=&bctempid=d1350bba-9601-4e07-8db0-e45fe28bc013&overruleReferrer=&time=2022-12-21T02%3A21%3A14%2B00%3A00&ts=1671589274572

Requested by

Host: n817.thenewstribune.com
URL: https://n817.thenewstribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:c800:16:f649:1500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

82974b4398437d4fb787a1ee7ba612d097572e6865ce0b730a72b8356a7b560b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 472
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: bq71VZUwuuOVhLOcsntKZlVkmk36F-8NENDQSGwzbmOUw1AcxDU94g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 651ms
131ms XHR
application/json 35.227.254.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.254.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.254.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 1b8ba4868781f0b66efefdaa399da69c291235688dd9123ea45d31a44a6992da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 02:21:15 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 538ms
132ms XHR
application/json 34.102.180.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.180.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.180.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 6744210f688494b27c48e2efd47f4bc07c2b3213dcb7cd9562243821f598e8f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 02:21:15 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 699ms
133ms XHR
application/json 34.149.202.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.202.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 102.202.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 8beb8e14fae48b4d27d511b3ecfd31d686862d0ae6885c19ef1c488c79dde62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Dec 2022 02:21:15 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
BLOB 200
OK ef77997a-1dea-413e-b881-c2806c5e7323 Show response
https://www.thenewstribune.com/ 410 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ef77997a-1dea-413e-b881-c2806c5e7323
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c96c3b81eeecd9dedb66b10f3ebcde82b970f511c80a6f54aaaac0a52626e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 410
Content-Type: [object object]

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/11/www.thenewstribune.com/ 4 KB
1 KB 489ms
422ms XHR
application/json 2600:9000:223e:da00:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.thenewstribune.com/.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:da00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffbc653c9f8786b0a39fc63ef00a9a247315687267478843439f079fb87d4c7e

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
content-length: 609
last-modified: Wed, 21 Dec 2022 02:18:53 GMT
server: AmazonS3
etag: "0209e4faef4d84d9eef005aec33c1b1c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: aRnJs4AalrGd6J1LW2tT3RgXQJqeCZz6FkOKJuOPdD-wDTkacWzsLw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 131 B
487 B 120ms
120ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.thenewstribune.com&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e7e696f3b5ef25c97cde87bfbe910d446dc98e85192c814c4c3a540d1ac857ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 131
x-amz-cf-id: wiPJe8dK2dnzzNxjvIWBtx6l_NLou-o5CLTDXTD-Gn_ehIqDJX8ugw==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
468 B 440ms
351ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.thenewstribune.com%2F&pid=Ffs8q5Tgr34qj&cb=0&ws=1600x1200&v=22.1212.1511&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-2-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7675%2FTAC.site_thenewstribune%2F_HomePage%22%7D%2C%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F7675%2FTAC.site_thenewstribune%2F_HomePage%22%7D%2C%7B%22sd%22%3A%22htlad-4-gpt%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F7675%2FTAC.site_thenewstribune%2F_HomePage%22%7D%2C%7B%22sd%22%3A%22htlad-5-gpt%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F7675%2FTAC.site_thenewstribune%2F_HomePage%22%7D%2C%7B%22sd%22%3A%22htlad-12-gpt%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7675%2FTAC.site_thenewstribune%2F_HomePage%22%7D%5D&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 79SK11EFGKD59CPQJCRG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 3G9MpTiI0SfU22lC2DvJd3RVgPx91WHC98NEZxgcrG8FT-1iKNb3OQ==

GET
H2 200 pdp.gif
www.thenewstribune.com/ooizl-ynbs/ 42 B
392 B 361ms
361ms Image
image/gif 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/ooizl-ynbs/pdp.gif?z=eyJpZCI6Im1pX2FzX3RudF8yMjM5MzA3NjMxNDEyMDk4OTI5MTg3NTQyNDk4NTEzNjQzNzQyNV8xXzBfMTY3MTU4OTI3MzU1NiIsInBsYXllcnMiOlsidmlkZW8tZ2FsbGVyeSIsInZpZGVvLWdhbGxlcnkiLCJ2aWRlby1nYWxsZXJ5IiwiaW4tZGVwdGgiXX0=
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 56774
content-length: 42
last-modified: Mon, 19 Dec 2022 14:02:19 GMT
server: MI
etag: "2a-5f02ec47950c0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 785064366, 942015400 741900676
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604741
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame FD2D 3 KB
1002 B 115ms
71ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.thenewstribune.com%2F&correlator=2755602692534140&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FTAC.site_thenewstribune%2F_HomePage&hl=en&cmsid=2476245&description_url=https%3A%2F%2Fwww.thenewstribune.com%2Fnews%2Flocal%2Farticle269951772.html&vid_t=Learn%20about%20the%20Blue%20Zones%20Project%20that%20is%20coming%20to%20Parkland%20and%20Spanaway%20to%20better%20community%20health&vid=6317147089112&cust_params=sec_sect%3D26191%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.0.0&sdki=445&ptt=20&adk=3171463985&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Fwww.thenewstribune.com%2F0fc3d1e3-745b-4774-a78a-48f52c5f4469&sid=6194BC8C-FBD3-4C26-A898-6FF28C4CAC12&nel=0&eid=44748969%2C44765701&dlt=1671589272874&idt=1713&dt=1671589274750&cookie_enabled=1&scor=3384636570066699&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b710e0f678afcee88d65a3857f16a5455c52b1e948bd6565309db3bfc85e0e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 975
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
593 B 21ms
21ms Fetch
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash: e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042

Request headers

Accept: application/json
Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Dec 2022 00:47:24 GMT
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront), 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 5630
x-amzn-requestid: ebda928e-65d7-42ae-8238-237384a394a2
x-amzn-trace-id: Root=1-63a2579c-73a42ccd3d025ff5622c8ad1;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: deKgbHvCDoEF-wg=
content-length: 30
x-amz-cf-id: rXe3SS3qbTtODqnibG7K63r5tIZrQdbGvY1MUCaVexFLs7Fa8yMufw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 181ms
115ms Preflight
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Wed, 21 Dec 2022 02:21:14 GMT
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront), 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-apigw-id: deYQPFONjoEFZVg=
x-amz-cf-id: rz1SGuSRtvmTGx8fswR4epO1_rVSj-AbLf9RKOBKpDn5DVNz0WPmqg==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: 3e198a77-585a-4dcf-bd79-3a5b9c1fa485
x-cache: Miss from cloudfront

GET
H3 200 local_storage_frame17.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame A1E7 2 KB
1 KB 23ms
22ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 321717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 1073
content-type: text/html; charset=UTF-8
date: Sat, 17 Dec 2022 08:59:17 GMT
etag: "ef029681564becbaa5cd6bef2a806d08"
expires: Sun, 17 Dec 2023 08:59:17 GMT
last-modified: Wed, 14 Dec 2022 17:19:29 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1671038369133056
x-goog-hash: crc32c=wj3ZbA== md5=7wKWgVZL7LqlzWvvKoBtCA==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1073
x-guploader-uploadid: ADPycdv_bq69CIEnF7XJlh8FvQ8M33etqXm3S5FUGoTD5h5U9H937K_GcVJnoWxMtsUiNzy50i9iWhDEY64avJak9kapOppS90Os

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 105 KB
22 KB 92ms
24ms Script
application/javascript 2600:9000:2490:1200:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:1200:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 760fdda5f8b07a601d474e9b8bf112803f3ea71ad5ace3bb556b3a93218a2ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 2SbXF9SraliP8SStVKvo4q2YPWt7..i9
content-encoding: gzip
via: 1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
date: Tue, 20 Dec 2022 12:39:11 GMT
last-modified: Fri, 16 Dec 2022 14:37:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 49323
etag: W/"fcd934fd62b626675e12460a36455fe7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=84600
x-amz-cf-id: rvi_tgeVlAZI33GI7yQeESebVZOpBT4Igm5TXzgqmatPkTwkGvSTdg==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 380ms
119ms Image
image/png 52.216.221.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1d5c59e663ea
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.221.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 02:21:16 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: ZPWA1KTXANMVX0Q8
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: WRzWNxxQOIBcqAcTU4szXDrRjqOQruGxUnys3RhhyWNHrXNPMSxFDd+eX4ZfNUUAt4DWo4CdhxY=

POST
H2 200 238 Show response
n817.thenewstribune.com/DG/DEFAULT/rest/rpc/ 678 B
1 KB 389ms
388ms XHR
application/json 2600:9000:2491:c800:16:f649:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n817.thenewstribune.com
URL: https://n817.thenewstribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:c800:16:f649:1500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

76caef6f679b05b758f3d3b7a5bd82ba1764fd5811c08aa0ffdcca89bbc9a6d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 448
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: TZyRc0B6lhdmjob9INLiHmBEc4ctKk7JaTpOSRqu8iqjHPXPKX15IQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 238 Show response
n817.thenewstribune.com/DG/DEFAULT/rest/rpc/ 383 B
1 KB 388ms
387ms XHR
application/json 2600:9000:2491:c800:16:f649:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n817.thenewstribune.com
URL: https://n817.thenewstribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:c800:16:f649:1500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

524b1ce441567fce83af7e7dc1b33dba588b073cc6308dc86faa62b7862464b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 180
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: suub4Zasc_oqRfWfqVc-CDbibYxtklGpCPqHvD1H2b6xG7_zZazKZg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 238 Show response
n817.thenewstribune.com/DG/DEFAULT/rest/rpc/ 192 B
1 KB 392ms
391ms XHR
application/json 2600:9000:2491:c800:16:f649:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n817.thenewstribune.com
URL: https://n817.thenewstribune.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:c800:16:f649:1500:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

23272225d63e70bde580c9c76c3e9593eeb4995983e51218e37eb233dfe08515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: LybKezAU2MihqIeLS4C9daOYtMGedtE0LDbxJckhoAiY0PXYAS70Cw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
mcclatchy.blueconic.net/DG/DEFAULT/ 66 B
863 B 113ms
113ms Script
text/javascript 107.23.160.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.blueconic.net/DG/DEFAULT/cs?bcsessionid=d1350bba-9601-4e07-8db0-e45fe28bc013&&callback=bc_json240

Requested by

Host: n817.thenewstribune.com
URL: https://n817.thenewstribune.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.160.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-160-177.compute-1.amazonaws.com

Software

- /

Resource Hash

f9a0ae88e503e365d9fef257a5a227aba56325ed3b9aee5cfe4f14837cb1554e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 753ms
244ms XHR
text/xml 3.236.169.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.236.169.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-236-169-96.compute-1.amazonaws.com
Software: /
Resource Hash: 9ea0f19e962c7a83808a97c45edf616ce5bf9362864c1f1ef67e091336201007

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Wed, 21 Dec 2022 02:21:15 GMT
x-amzn-RequestId: 52c2e3fb-fc50-59cb-ac81-bfe7938be4b5
Content-Length: 378
Content-Type: text/xml

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 87ms
34ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thenewstribune.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thenewstribune.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 458 KB
85 KB 381ms
380ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730463028357692&correlator=2778319158831260&eid=31071256%2C44777898&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=7675%2CTAC.site_thenewstribune%2C_HomePage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C970x250%7C970x90%7C728x90%2C300x600%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C970x90%7C728x90&ifi=1&adks=133916278%2C3169226637%2C1219296229%2C1219574512%2C1211340632%2C3608025220&didk=1622125026~356144529~303353385~359666826~302699615~1340713370&sfv=1-0-40&ists=32&prev_scp=htl_refresh%3D1%26htl_slot_gpid%3Dweb-overlay%26slot%3Doverlay%7Catf%3Dy%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-top-banner%26pkg%3Da%26slot%3Dtop-banner%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Catf%3Dy%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-flex%26slot%3Dflex-1%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Catf%3Dy%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-flex%26pkg%3Db%26slot%3Dflex-2%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Catf%3Dn%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-flex%26pkg%3Dc%26slot%3Dflex-3%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Catf%3Dn%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-fixed-bottom%26slot%3Dfixed-bottom%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=is_testing%3Dno%26cob%3Dy%26id%3D%26pl%3Dhomepage%26ref%3D%26sect%3Decefrontpage%26sids%3D%26sub%3Dn%26top%3D%26vl%3D0%26htlbidid%3D14787&sc=1&cookie_enabled=1&abxe=1&dt=1671589275152&lmt=1671589232&dlt=1671589272874&idt=1773&adxs=-12245933%2C315%2C-12245933%2C255%2C1045%2C315&adys=-12245933%2C175%2C-12245933%2C1255%2C2996%2C9014&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thenewstribune.com%2F&frm=20&vis=1&psz=0x0%7C970x0%7C0x0%7C350x0%7C300x0%7C1600x0&msz=0x0%7C970x0%7C0x0%7C350x0%7C300x0%7C1600x0&fws=128%2C0%2C128%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1755136708.1671589275&ga_sid=1671589275&ga_hid=1313290490&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d6d3cae3d9267af2551c741c87cc2a0540481422a63ab3b96cf11d7b81d34b2

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COnT16fTifwCFe-IgwcdOQEJYA&gqi=&layout=/sadbundle/%24csp%253Der3%24/4204414533974691611/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COnT16fTifwCFe-IgwcdOQEJYA&gqi=&layout=/sadbundle/%24csp%253Der3%24/4204414533974691611/index.html
date: Wed, 21 Dec 2022 02:21:15 GMT
x-content-type-options: nosniff
content-encoding: br
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86674
x-xss-protection: 0
google-lineitem-id: -2,-1,6175632940,-1,-1,6175632940
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,138416362438,-1,-1,138415807463
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F07 6 KB
3 KB 135ms
29ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 02:21:15 GMT
expires: Thu, 21 Dec 2023 02:21:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
205 B 187ms
135ms XHR
application/json 34.107.191.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=094225224&GCS2=NWRhZTc2NWUtYjAwMi00NDYzLWIzOTItOTAyODhkYjMwMTdkLmxvY2FsLDZlMmQ2MTkzLWFiMzAtNGFlMS04YzZlLTlkZjNiYzc0NDAzOS5sb2NhbA==&pe=false&wsid=3749&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3749%2C%22loadID%22%3A%22JMvTQY1GxnyxtHa%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A46%2C%22IDStageStart%22%3A46%2C%22netComplete%22%3A290%2C%22obsReqpage%22%3A586%2C%22obsReqdata%22%3A699%2C%22obsReqview%22%3A747%2C%22IDStagePrefire%22%3A748%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.191.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.191.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.thenewstribune.com
date: Wed, 21 Dec 2022 02:21:15 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
BLOB 200
OK 7b7128fc-82b4-4b49-9951-bb8172e530fa Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/7b7128fc-82b4-4b49-9951-bb8172e530fa
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01e865a13312e960b5e6b9ae86272987f3e2c240d9256b82bf40dd0529d3bab9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 471cd52d-fecf-443a-91d2-6db92243ce2e Show response
https://www.thenewstribune.com/ 266 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/471cd52d-fecf-443a-91d2-6db92243ce2e
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89959989fc6953c080ffc7ddd6fd58ccd1ea151557cf13e1e8f00d54f12df4a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 266
Content-Type: text/javascript

GET
BLOB 200
OK 0d51f6f6-86b4-408c-9942-737e43a31626 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0d51f6f6-86b4-408c-9942-737e43a31626
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f76b73ee055dea437af2f74b2cb2e61d98c7251c4da10782ddc3014e62f06f86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 439d97fe-11aa-4fe0-9ae0-d7121e51d52b Show response
https://www.thenewstribune.com/ 354 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/439d97fe-11aa-4fe0-9ae0-d7121e51d52b
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de1e4de280b6c5a994c5cf6cd5e9dc27d1007a773610b658fb28abcbe446aa4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 354
Content-Type: [object object]

GET
BLOB 200
OK 0bbdd714-3c17-4871-a114-4d17eebc054a Show response
https://www.thenewstribune.com/ 370 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0bbdd714-3c17-4871-a114-4d17eebc054a
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b228f3d327586f6a4496da45c54db8d2dd6fdd1320f776b955fa00b09c8c430

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 370
Content-Type: [object object]

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 90ms
37ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afb7ea80d0b74fc7796d4ca51b5d473e97ffb4f0aeceaa9fac033992b4c29955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11181
x-xss-protection: 0

GET
BLOB 200
OK be9dca71-6923-4a0b-a95f-3d4cd8cfeafe Show response
https://www.thenewstribune.com/ Frame 1FAB 580 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/be9dca71-6923-4a0b-a95f-3d4cd8cfeafe
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc23f0b941f100ab048b7ad426f8f0a3baa64f0214128f35c215eec65d79eb44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 580
Content-Type: text/javascript

GET
BLOB 200
OK b8d4592f-5acc-425e-9880-e273018c532b Show response
https://www.thenewstribune.com/ Frame 32DA 343 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b8d4592f-5acc-425e-9880-e273018c532b
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f156f7606c83a5b8d821fe2c00e18612a17e1765aaad3662cf28c0b1969e198

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 343
Content-Type: text/javascript

GET
BLOB 200
OK 4d997c6c-c310-4044-9461-e371dfe96d3d Show response
https://www.thenewstribune.com/ Frame 31D8 426 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/4d997c6c-c310-4044-9461-e371dfe96d3d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8f221f028cab6d2619c4c624a1be0044cdea534580268ef8e26eced08d61f27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 426
Content-Type: text/javascript

GET
BLOB 200
OK 2ede8e74-72e6-41fa-a8fa-50d00dbe89e8 Show response
https://www.thenewstribune.com/ Frame 089B 390 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/2ede8e74-72e6-41fa-a8fa-50d00dbe89e8
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fef013c1c2efb6a9abf8510ff88054861f60b56b50d276fd3925ec7fff2047b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 2d2b12ec-8757-4a6d-83e7-fa0ec5d987a2 Show response
https://www.thenewstribune.com/ Frame 7C32 545 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/2d2b12ec-8757-4a6d-83e7-fa0ec5d987a2
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d7a61d537d5d760873c8a3382cd94843074a083d1dee675df4921aa876d3f35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 545
Content-Type: text/javascript

GET
BLOB 200
OK 2f5f99b4-6683-4317-8b03-d8dcde256426 Show response
https://www.thenewstribune.com/ Frame 12B2 388 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/2f5f99b4-6683-4317-8b03-d8dcde256426
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38c6a2d5b4a654ad9062ea9e6ba8632e6396ebeaa2943020a0897b9f7e038519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 388
Content-Type: text/javascript

GET
BLOB 200
OK f0831d91-1510-4bea-9bf9-01b239fde504 Show response
https://www.thenewstribune.com/ Frame 1724 342 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/f0831d91-1510-4bea-9bf9-01b239fde504
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a3b0bfa12d811192b83c90de77d01b7cf811dfc4f4bb6764c2f931c59659055

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 342
Content-Type: text/javascript

GET
BLOB 200
OK a997a5d6-4364-4c20-9012-88d853ac49e9 Show response
https://www.thenewstribune.com/ Frame F1D5 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a997a5d6-4364-4c20-9012-88d853ac49e9
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0025b4565edf4c7cfc56348ffbe82d06aad15d8950c48e32e7aada9668cac068

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 1282
Content-Type: text/javascript

GET
H2 200 push.26a4f058cebd483ab176.js Show response
www.thenewstribune.com/ooizl-ynbs/ 2 KB
1 KB 26ms
25ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ooizl-ynbs/push.26a4f058cebd483ab176.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/7b7128fc-82b4-4b49-9951-bb8172e530fa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 91967c0586b18289b2492b3b2abfbeb611a36d4a0e249d14efce99eff7af6204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 129
content-length: 677
last-modified: Tue, 20 Dec 2022 13:45:07 GMT
server: MI
etag: W/"64d-5f042a4cd9ec0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 745507710 737094840
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560003
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 chatbot.9be61b379bd436b5a7bd.js Show response
www.thenewstribune.com/ooizl-ynbs/ 2 KB
1 KB 39ms
38ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ooizl-ynbs/chatbot.9be61b379bd436b5a7bd.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/471cd52d-fecf-443a-91d2-6db92243ce2e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aa942a3ff91212dd6dda93102aed00df77c56644f51aebf6897cba98027f3019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1728
content-length: 1010
last-modified: Tue, 20 Dec 2022 13:45:07 GMT
server: MI
etag: W/"909-5f042a4cd9ec0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 782753246 797152390
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=561736
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pageLoad.8653a5b5117e4914a471.js Show response
www.thenewstribune.com/ooizl-ynbs/ 130 KB
41 KB 39ms
38ms Script
application/javascript 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/ooizl-ynbs/pageLoad.8653a5b5117e4914a471.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/0d51f6f6-86b4-408c-9942-737e43a31626
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b72652b56ae330db8cc49c32017990eb5292f236b0e4618c327d1c686d9f6608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 166
content-length: 41629
last-modified: Tue, 20 Dec 2022 13:45:07 GMT
server: MI
etag: W/"2060c-5f042a4cd9ec0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 742235959 750813375
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560015
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.thenewstribune.com/ooizl-ynbs/ 42 B
384 B 160ms
159ms Image
image/gif 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/ooizl-ynbs/pdp.gif?a=eyJpZCI6Im1pX2FzX3RudF8yMjM5MzA3NjMxNDEyMDk4OTI5MTg3NTQyNDk4NTEzNjQzNzQyNV8xXzBfMTY3MTU4OTI3MzU1NiIsIm5vdyI6MTY3MTU4OTI3NTMxNiwibnMiOnRydWV9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 56776
content-length: 42
last-modified: Mon, 19 Dec 2022 14:02:19 GMT
server: MI
etag: "2a-5f02ec47950c0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 731593625 613986336
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.thenewstribune.com/ooizl-ynbs/ 42 B
392 B 160ms
160ms Image
image/gif 184.24.0.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/ooizl-ynbs/pdp.gif?k=eyJpZCI6Im1pX2FzX3RudF8yMjM5MzA3NjMxNDEyMDk4OTI5MTg3NTQyNDk4NTEzNjQzNzQyNV8xXzBfMTY3MTU4OTI3MzU1NiIsImdwdFJlcXVlc3RlZCI6MzY2NCwibG9hZEV2ZW50U3RhcnQiOjUxMDF9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.0.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-0-132.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 56775
content-length: 42
last-modified: Mon, 19 Dec 2022 14:02:19 GMT
server: MI
etag: "2a-5f02ec47950c0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 785064366, 941196200 741900676
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 1FAB 103 KB
28 KB 72ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/be9dca71-6923-4a0b-a95f-3d4cd8cfeafe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Dec 2022 02:21:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: uO5Mbc2eGin8Dbss6s74EWQI7Ih3RYmKPLO68L9bs0PHwHm6TT+zqqQq7v8AWtqWsxWbP8sozY5rxERBTF2ReQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 32DA 31 KB
11 KB 77ms
21ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2111
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/b8d4592f-5acc-425e-9880-e273018c532b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 01:34:43 GMT
content-encoding: br
age: 2792
x-guploader-uploadid: ADPycdsnuu8dXwS4fEh-PKW94vQwklpnmOazn88rLcfkRxDkTEeJC4rrdqhvdd7XtTxJW2kcHxCvNV1OijhbrEy70f9kgr89cDJk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10473
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
etag: W/"fe36d3317b1b052708eb2260e253aa63"
vary: Accept-Encoding
x-goog-generation: 1660081747697868
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: none

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 31D8 136 KB
52 KB 79ms
29ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-848620132

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/4d997c6c-c310-4044-9461-e371dfe96d3d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ea5989732edb102b37fbcd59e7f4a843c05c36af1e10750e00477c9f9c27f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53207
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Dec 2022 02:21:15 GMT

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/ Frame 089B
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
8 KB

22ms
22ms

Script
application/javascript

2600:9000:2156:1600:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Protocol: H2
Server: 2600:9000:2156:1600:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 11:30:44 GMT
content-encoding: gzip
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 53431
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=259200,public
x-amz-cf-id: o2D-KjLw7Rw8iLiXxU8a_IK0jescsNjZaFYoKO8bfILmYo_Cx3cinw==

Redirect headers

date: Wed, 21 Dec 2022 02:21:16 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
location: /dist/analytics-1.5.12.min.js
content-length: 0
x-amz-cf-id: llvZbx41zeklm-GMzkNTJl_oI25Yst9eP6MInALfTytnWcMK8RU0zg==

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ Frame 7C32 17 KB
6 KB 465ms
114ms Script
text/javascript 44.209.218.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/2d2b12ec-8757-4a6d-83e7-fa0ec5d987a2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-218-223.compute-1.amazonaws.com
Software: /
Resource Hash: d68b8ce9f72f1dc6328c565cea5a982794b16107d14c1b0c74c98e9379d64788

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Dec 2022 02:21:15 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5381
Content-Type: text/javascript

GET
H2 200 m
secure-us.imrworldwide.com/cgi-bin/ Frame 12B2 44 B
597 B 212ms
45ms Image
image/gif 46.51.201.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/&rp=&ts=compact&rnd=1671589275393
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.201.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-201-242.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:15 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ Frame 1724 25 KB
10 KB 74ms
22ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/f0831d91-1510-4bea-9bf9-01b239fde504
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 28 Dec 2022 02:21:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F1D5 109 KB
43 KB 106ms
61ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/a997a5d6-4364-4c20-9012-88d853ac49e9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf6bc1aa9838ce82292b3f20f001742e56d80fa548942deb96e23aa2c361e930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43652
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Dec 2022 02:21:15 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 220 KB
50 KB 99ms
31ms Script
application/javascript 18.66.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Nv2FlxP0ilQCLgZJ8iLg2qZHnsOUBRevIweT
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/push.26a4f058cebd483ab176.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-4.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff1954848478f652afd2a8e780863b412d7c7b58307ae9d37b380f257ee4eddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
last-modified: Tue, 20 Dec 2022 07:05:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 651
etag: W/"9cd0cf2adcc3e59f7b212e5decec5cfa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: VItx52op7tUVIpJ-NPuhnQ3reSD_pjZtnMPdj7g-l8pkOtMGXosNpQ==

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 196ms
36ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=2196236

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/chatbot.9be61b379bd436b5a7bd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=300; includeSubDomains
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 cookie-consent.css
cdn-prod.securiti.ai/consent/ 41 KB
8 KB 99ms
22ms Stylesheet
text/css 2600:9000:223f:e00:12:1bf:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent.css

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/pageLoad.8653a5b5117e4914a471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:e00:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7b0f51ee5400fd66a44bf55bcf94ad8287d59833e45b96037344cb285c0b67ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: dmYCEZJ5aA4wGJm9gwLjEiJ6tFDDvWFf
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Wed, 21 Dec 2022 01:42:48 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2308
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 16 Dec 2022 21:11:36 GMT
server: AmazonS3
etag: W/"980629463a979a52564a453e67c7f023"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
x-amz-cf-id: UeDJcnpz7akLSiws246xK8wbpe9kjhsUK8fSBMD6r-mft11VZFDr-Q==

GET
H2 200 cookie-consent-sdk.js Show response
cdn-prod.securiti.ai/consent/ 189 KB
48 KB 67ms
25ms Script
application/javascript 2600:9000:223f:e00:12:1bf:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/pageLoad.8653a5b5117e4914a471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:e00:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

379f9e5b00a8989947938c2ea7b8bcefa55a4217ab32fbe3fe41df71906d5488

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 2aQqlKGfTU2KJi8_DDq3G2_W.NB8gFmc
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Wed, 21 Dec 2022 01:38:20 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2575
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 16 Dec 2022 21:11:32 GMT
server: AmazonS3
etag: W/"c394d613275f81f274583d312f067db0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: zh5j07lYmIE97B85VJdlFiXU78Ur6yQQz_WFLfNbJ9ICdtH8VnFH-Q==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 100ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 02:21:15 GMT

GET
H3 200 utsync.ashx Show response
ml314.com/ Frame 32DA 62 B
81 B 92ms
47ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=88280&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.thenewstribune.com%2F&pv=1671589275475_r5cgmdpmn&bl=en-us&cb=4923331&return=&ht=&d=&dc=&si=1671589275475_r5cgmdpmn&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.thenewstribune.com%2F&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2111
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:15 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ Frame 1724 1 KB
1 KB 99ms
29ms Script
application/javascript 2600:9000:2127:cc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:cc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:15:58 GMT
content-encoding: gzip
via: 1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 326
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:15:13 GMT
server: AmazonS3
etag: W/"52f4ba3839d01c1dbb310f6ef96bde89"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 5h-Sco6Zns5J443IkJnjIC3ulL389CFqfGWBDaGbZL-WucQkSY1aRA==

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
341 B 199ms
69ms Script
text/html 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=1117&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYB2fAVgA4BOAJmLIBYKBmTYALxCgAZMB3AKYAjHKmACA+qgAmUZsQZVMAJwE4QAGzhoMBQt24APfDQMqBMActXKo2AIYaNqBAHMJcZRqgALYMAAHHABSZgBBYJoAMUiovniAOmAfAQQBPhxgZVQhRAEEpBAAW1jMADdUUWAJQpAAa1QBKGDiACFImg0AjtCImho-QJCaMnDIsmjx6Pi+JJS0jKycvILiqZj+yIBhDuUesc3N4gARbBB6xua2jrL9iOv+nDghIrFxaQkikGUEF1c7mCOHACbYdARlKwSDQgVyuAQfFwAoEgmg7R7PV7+eESDBVFE0XqAjTA0Hol5vbGFZQYewVZRwYYE8JEkmojoBewyCRPERIbJCKxI4kotGdGFwhEIKTSVJoGCNaRC1mihBwIrc54SDlwiQVdKM3rcUk0ALZMr2JAATxq5waagkFqQAgC7yVIJOxukriiqGUmQAMiB7IrNuEsnB3adzX6ANrayTAS0BAQAXV8xQE5XssYqMpAusqOQ0qdgyKzsezaCQxYkCHsRRLLMz0ZwMcrqGrkiQ9nErm+lrTTfLreBKHQUu7vf7g7LLZjPMx70+31+bhnwuHMehsOxLnXwM34Mh24lUgQ++b2db0hgAQkyiE0KQdTTCBA1VUwctm4XFI+uLERtZyvNtlCrGs6gES0+G+aQcAvTcGUhYFXAbBBgHg5oyHaMgoxAvsYRrAIQACOA7wqURHyAjc51-LEPipGk6QZBC5w5LkeRwPkcisViQKEC06nlJwJBlAJoUtNDgDTTcT13KUZFlVB5XhPjYxgVRJHbTs1NbJAfGpBsJCEakMl4qBw0vWNOO4gUtXsOFdJjVV1R5eydT1DI014NizQta1ajtHAHSQJ0XVU0saJA+Mah8ew3Gxb57wsVQcBSaRWJlGAt3FeTpSUlSMsig8yiy5y1Q1IR3MkTzMJ8srTVQc0rRtC57UdZ13gQwLGgkUB8w0bM4WKzMhACHhMAEQIoBjAAibTi1mgAaWbJwEPtlEtZbZtcRxi027afAzbbgWzfTZpTTAXTwI6GzOIpxNQeKnQkGBBtcOwyjiqAgA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_e2d6c32b895aee0a3860d165f6afbb7b.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 27
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 188ms
137ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=3749&warpspeed=2%5EHIykD&loadID=JMvTQY1GxnyxtHa&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H3 200 1081709588515684 Show response
connect.facebook.net/signals/config/ Frame 1FAB 293 KB
84 KB 50ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1081709588515684?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c4501f00a895cee2b6a92c2ed2482c3fdd3512febac899e30533a48bfcbd545

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 21 Dec 2022 02:21:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86262
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: mPXwas4C6zd3C3Cu4Co2e91On+U/UqGpN7pgZMRbKsBFo1mg1lT2UM8EJSCDHv09a6D3noUz2LvTLIkwOB7AOg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/848620132/ Frame 31D8 2 KB
1 KB 118ms
68ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848620132/?random=1671589275513&cv=11&fst=1671589275513&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.thenewstribune.com%2F&ref=https%3A%2F%2Fwww.thenewstribune.com%2F&tiba=ggaw&auid=101453419.1671589276&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-848620132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cefaa2122b5241fdfe02a820ab07fdad41335a9b216369173a9c7ea845f0b4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 870
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3010.js Show response
cdn.keywee.co/config/ Frame 089B 233 B
564 B 22ms
21ms Script
application/javascript 2600:9000:2156:1600:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/3010.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f3013245f4ee591e331364ee5044664a65048925168bfee28037bb16082f5b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:02:31 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
last-modified: Fri, 25 Feb 2022 21:45:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 15754
etag: "81210c02155f33808ec1fb7ec890dfee"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
content-length: 233
x-amz-cf-id: 5wNxgk4lSk_tC9WWN6CkFad98XdfYgq2IuZXx-sXchdd0NLz2jr1iA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F1D5 49 KB
20 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 01:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1831
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 21 Dec 2022 03:50:44 GMT

GET
H3 200 container.html Show response
edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AE5C 6 KB
3 KB 65ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 02:21:15 GMT
expires: Thu, 21 Dec 2023 02:21:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9D62 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdwxjVaWKL89gBG2ufsxASi-zdRwJerW8FGFRGCJyGQmj4SgWBQM-2NtOaoTRkCTh0jioArvAYa0qu82sr4rPpcXGAzRLB4IK_aDzlACPzirbDkuf0qu7VQMmfy93Xdcd26wJ9zxAb7E06DUS26PhIKo7ieh0mNJA1E7b-UxhBKdQT5sCxNgPUtVuNb9pCj9O6l79nAZsirNzMfIrbjr4rXbKB8BcIslBvKwuLrOHeLCWQFMxNTa_RLfkXJj-ELU0HlsMUFlqJrxXbADYiHKEAgqhYg0sA9Clhp0gdVOAkqayGRuHBjH3sa7yxwHjN2nRjI4K8JESnHSY_lzxzsQt6lmIbXD5jenjw8Lk3t0HXI8fLdbQmt9Ju5w&sai=AMfl-YTh64t5clsmvJWpVmV2v41PD8EUWf-D598diU2rpy6r6Q3GN-FPSVYDUr0HQJUqo9hCLSkayivjbzqsEQ5wjZgsK00gPnpiin0MdEfyEb5rd8zRHAMW8gZXTNgsH_Yx&sig=Cg0ArKJSzP_KYbTP6AMsEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 9D62 23 KB
9 KB 70ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:07:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 10:07:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9D62 3 KB
1 KB 73ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 20:42:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9D62 0
0 31ms
30ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiLvpwmagNpNWpHd-wHo8Bo60l7TZiezwUjFQU4WbVOrh_MjWEXOlVCdSwG_vUFXH46Sus
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D62 153 KB
47 KB 90ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 02:21:15 GMT

GET
H3 200 4977148588003013168
tpc.googlesyndication.com/simgad/ Frame 9D62 73 KB
73 KB 80ms
33ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4977148588003013168

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea3beb3b729fa441bfe32c9025cb5b80981c4df45cdc63ba6d77879e07d0c230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:20:49 GMT
x-content-type-options: nosniff
age: 226826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74736
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 00:00:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 11:20:49 GMT

GET
H3 200 container.html Show response
edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6345 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 02:21:15 GMT
expires: Thu, 21 Dec 2023 02:21:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A32A 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 02:21:15 GMT
expires: Thu, 21 Dec 2023 02:21:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 952D 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFAWi0PcwRf7PF69JbuCwUt7DKPdbCFVG76gepuTTz8_IVy0p3Z2kGoGtME4x87jJ8cRRzcFBEuJD05I3kAM50R1gPbVnM0CeNv2ZEyaidjWF1aiyYA9J0txuuCBdzIrINvgpVYrqt2-hz7GnW0hQ186qp7_e2bLkXhryU6QWvozNEcca6hdSpr5FWHFUjZhpYo84w_SlJWIcKTzOIhDDcJ-TWz5sb1YaBpSmlFfwdo9LAONweBQY2JZwSt60yNoi_DZgOO9MiVWqya2QNnu02C8md9jjLV8FLauYJp5enh-PScJC5wvXIzUkZxsXZQd8sGaplwew0qPMIPXN_QY4xmn6OIOSLOsn1xOsx1nSk_6wL6lJwGXy0AA&sai=AMfl-YRyKjakQD6NXbn-vtUCGc4_OKlC6FaADWStEuadCJ0qp3eDVWnCJt0z54QzMNJB70_lg8aJ1zTH1sDDvGlTbd8zyn8lQvNYcMA3Zh3--c1xhl38eEqWd0tINVcFA_bp&sig=Cg0ArKJSzG3ER_geZyCYEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 952D 23 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:07:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 10:07:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 952D 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 20:42:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 952D 0
0 31ms
30ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_7UgHi4YRvBwr4WGkYeunJdIjrET439cKgGUwtwdUIZNgI1H-gqotyfrQaxrQp01_n8-_
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 952D 153 KB
47 KB 67ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 02:21:15 GMT

GET
H3 200 6548609989777871249
tpc.googlesyndication.com/simgad/ Frame 952D 71 KB
71 KB 35ms
35ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6548609989777871249

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95c9d55236c9738e63958cae59ad3e318e1878aff5ca8af40bf2eb24f67ff0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 10:10:44 GMT
x-content-type-options: nosniff
age: 317431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72768
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 15:32:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 10:10:44 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 48ms
48ms Image
image/gif 34.246.233.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=9373f727-f3b9-42d7-a185-f99137d4c48b&ntv_a=AAAAAAAAAAWq0QA&ntv_ht=mm2iYwA&ntv_fl=aiKFO5BQmNlpJWOY5E-s2QR8pMh2mCVbW-xvMZq4kDSm4iWXqKfnzjH0L91tJiZGdPIBhGCqcPLipPYhWXiV3bB7ivOyqG3QupmxI41dCVEJAsWp0WgREqLrr1a4XcP6IpL2hNeeDAgVsxAYEWvAMDuPyzpl71Uecl9laUVG3vEbzYb-eeVp2dzXOdlIJH_Z&ord=-1986021887&ntv_ift=0&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.233.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-233-4.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:15 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 en.json Show response
cdn-prod.securiti.ai/consent/cookie_banner/0451dd58-47bb-4a6e-9e6f-7fbe4070b019/e1f7f95d-86a8-43ee-baa1-dbf966e10daa/ 229 KB
56 KB 67ms
24ms XHR
application/json 2600:9000:223f:e00:12:1bf:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie_banner/0451dd58-47bb-4a6e-9e6f-7fbe4070b019/e1f7f95d-86a8-43ee-baa1-dbf966e10daa/en.json

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:e00:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4a5ca62ea2dc8c4a9f826a9f047cc12c5ec311a9dec85e850978a7aa9f4af1af

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 3OrHcDOu1Chd0uzBSLHf0eap89gE14cO
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Tue, 20 Dec 2022 13:50:41 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 45640
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 06 Dec 2022 15:57:53 GMT
server: AmazonS3
etag: W/"1f7bc666ee96ddda9e5220b3aa6b6f48"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
x-frame-options: DENY
cache-control: public,max-age=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Gs-HsJRowrF9lPnzakbgkLy_usg0KNUquLgDv_24j-0HUgCofSbSnQ==

GET
H2 200 location Show response
app.securiti.ai/core/v1/utils/geo/ 829 B
1 KB 614ms
188ms XHR
application/json 35.166.34.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/core/v1/utils/geo/location

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.34.221 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-34-221.us-west-2.compute.amazonaws.com

Software

Resource Hash

86b1ee29b2a05af1d09b09d013c8377c25326858975f42c82e27811013b94617

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
content-length: 829
x-xss-protection: 1; mode=block

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/ Frame 5D16 18 KB
4 KB 23ms
23ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19077ed0387541633bebe693427f72a78ec7cc5fbef9be817786aff9f54858d0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 467432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3934
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 16:30:43 GMT
expires: Fri, 15 Dec 2023 16:30:43 GMT
last-modified: Wed, 14 Dec 2022 07:50:10 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AE5C 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWw5gm22iY6maDu-RjuwPuYKkgAal1ZP4bf3Sg4rmEICqn4OYOBABIJjiyBtglfrwgYwHoAGFnLPLA8gBCakCQT3smXQngz7gAgCoAwHIA0iqBLACT9C7PNEhECq6uj5jBEuhloqk_O0z9Sj2L-Llut_Kgg-JYH02-ooPdTLo06x7HZ-3xfK_tsIDoAYTbV4u83jSVhgYWb-asB6BEHf5eG3poYY5MAJtId_XjtHEkSU5XUNvVT0xya2f9zjqJBZwl9ewKxgay4pLtrdgtcs9lpy-hmkKgRLxUUujDRPcmvRGk-4BWAqHdyGknuMxjqD7TNoa2LrXhr3i79ac3h8iuTz5iwj0NZL6bhLq82z9OXiinxGRuh-VVI8MFhe-jRhHCu2cegOosCjeFB-MnnKWu1HQ0zkz2eTxrNMl-ItAvrYm8jGqhy8W8G57YrJkcFFj0IjskE4Cai0mfpmky14MvIhxRlBqdVw4lccEwjDqvLpUt6esxqV0nS3r7UnpkIpdVcCxo8AExtrLiJUE4AQBoAYugAfj48w0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2NsH0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzQ0NjMwNTg1OTE1NzI0MRiGwg8&sigh=i4Lw0MsW4z0&uach_m=[UACH]&cid=CAQSOwDq26N9Tc25j4LGf0CUaRzCX4EysmPcMjabSbY_lGexD4j4fkWdcEYgVUnRdgV77yvlqr3rgAXJ458jGAEgEw&template_id=419
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame AE5C 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:07:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 10:07:32 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame AE5C 68 B
244 B 148ms
45ms Image
image/png 16.170.180.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YXdNeFZaTHBOVzZLNkVHNldDNVM4b1JfYTY4LzIzMDUzMzY3NjY6OTMweDE4MA==&v=5&s=v31gkp7oa7o&id=eyJkZnAiOnsiYWQiOjE3MjA0NTc0LCJjIjpudWxsLCJsIjowLCJvIjoyMzA1MzM2NzY2LCJBIjoiLzc2NzUvVEFDLnNpdGVfdGhlbmV3c3RyaWJ1bmUvX0hvbWVQYWdlIiwieSI6MCwiY28iOjAsInMiOiJodGxhZC0yLWdwdCJ9LCJ0cF9jcmlkIjpudWxsfQ%3D%3D&sb=undefined&cb=5030208&h=www.thenewstribune.com&d=eyJ3aCI6IllYZE5lRlphVEhCT1Z6WkxOa1ZITmxkRE5WTTRiMUpmWVRZNEx6SXpNRFV6TXpZM05qWTZPVE13ZURFNE1BPT0iLCJ3ZCI6eyJvIjoyMzA1MzM2NzY2LCJ3IjoiOTMwIiwiaCI6IjE4MCJ9LCJ3ciI6Mn0=
Requested by: Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.170.180.228 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-170-180-228.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:16 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6345 7 KB
3 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 09:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 09:15:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6345 2 KB
535 B 79ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 00:50:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 02:21:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6345 0
0 31ms
30ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2nEl_d5Ea_2lUEHOJZOqCWQa3sv4KiwElV81JmTu7l2bMG9VeZk2SnbLNep4FeNrwiDJ9
Requested by: Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6345 153 KB
47 KB 74ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 02:21:16 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 6345 34 KB
14 KB 65ms
21ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 20:17:57 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 6345 68 B
243 B 44ms
43ms Image
image/png 16.170.180.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YXdNeFZaTHBOVzZLNkVHNldDNVM4b1JfYTY4LzIzMDUzMzY3NjY6MzAweDYwMA==&v=5&s=v31gkp7oaam&id=eyJkZnAiOnsiYWQiOjE3MjA0NTc0LCJjIjpudWxsLCJsIjowLCJvIjoyMzA1MzM2NzY2LCJBIjoiLzc2NzUvVEFDLnNpdGVfdGhlbmV3c3RyaWJ1bmUvX0hvbWVQYWdlIiwieSI6NzY2MjUsImNvIjowLCJzIjoiaHRsYWQtNC1ncHQifSwidHBfY3JpZCI6bnVsbH0%3D&sb=undefined&cb=1096736&h=www.thenewstribune.com&d=eyJ3aCI6IllYZE5lRlphVEhCT1Z6WkxOa1ZITmxkRE5WTTRiMUpmWVRZNEx6SXpNRFV6TXpZM05qWTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzA1MzM2NzY2LCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.170.180.228 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-170-180-228.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:16 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A32A 7 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/error_handler.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 09:15:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 09:15:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A32A 2 KB
535 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 00:42:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 02:21:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A32A 0
0 30ms
30ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRng3VuS1ggfJ4OJZo3gwTnt4jmhghb8d37YGFA9_bRORHXLSv5f9sOOiLn9SvfxZhP0whk
Requested by: Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A32A 153 KB
47 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 02:21:16 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame A32A 34 KB
14 KB 64ms
31ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 367399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 20:17:57 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame A32A 68 B
243 B 43ms
43ms Image
image/png 16.170.180.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YXdNeFZaTHBOVzZLNkVHNldDNVM4b1JfYTY4LzIzMDUzMzY3NjY6MzAweDYwMA==&v=5&s=v31gkp7oad3&id=eyJkZnAiOnsiYWQiOjE3MjA0NTc0LCJjIjpudWxsLCJsIjowLCJvIjoyMzA1MzM2NzY2LCJBIjoiLzc2NzUvVEFDLnNpdGVfdGhlbmV3c3RyaWJ1bmUvX0hvbWVQYWdlIiwieSI6NzY2MjUsImNvIjowLCJzIjoiaHRsYWQtNS1ncHQifSwidHBfY3JpZCI6bnVsbH0%3D&sb=undefined&cb=5182861&h=www.thenewstribune.com&d=eyJ3aCI6IllYZE5lRlphVEhCT1Z6WkxOa1ZITmxkRE5WTTRiMUpmWVRZNEx6SXpNRFV6TXpZM05qWTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzA1MzM2NzY2LCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.170.180.228 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-170-180-228.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 21 Dec 2022 02:21:16 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 1FAB 0
18 B 63ms
30ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=PageView&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&rl=https%3A%2F%2Fwww.thenewstribune.com%2F&if=true&ts=1671589276089&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671589276088.1095772798&it=1671589275491&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Dec 2022 02:21:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ Frame 1FAB 0
15 B 63ms
30ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=ViewContent&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&rl=https%3A%2F%2Fwww.thenewstribune.com%2F&if=true&ts=1671589276090&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671589276088.1095772798&it=1671589275491&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Dec 2022 02:21:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 pixel;r=511300543;labels=TNT;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.thenewstribune.com%2F;ref=https%3A%2F%2Fwww.thenewstribune.com%2F;uht=2;fpan=1;fpa=P0-451119471-1671589275480;pbc=;ns=1;ce=...
pixel.quantserve.com/ Frame 1724 35 B
371 B 48ms
22ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=511300543;labels=TNT;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.thenewstribune.com%2F;ref=https%3A%2F%2Fwww.thenewstribune.com%2F;uht=2;fpan=1;fpa=P0-451119471-1671589275480;pbc=;ns=1;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;d=thenewstribune.com;dst=0;et=1671589276092;tzo=0;ogl=;ses=759af6f5-6804-452d-b543-6187babd0ceb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C391 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 21:33:09 GMT
expires: Wed, 20 Dec 2023 21:33:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EDAB 783 B
535 B 33ms
33ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

024dea2d4ebaec53d0aca12344ab0b5dd96afa52fc8f063a608085674f0536a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c9BU2YsB70UYGW3a2Vlvag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-c9BU2YsB70UYGW3a2Vlvag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 02:21:16 GMT
expires: Wed, 21 Dec 2022 02:21:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 /
www.google.com/pagead/1p-user-list/848620132/ Frame 31D8 42 B
64 B 36ms
36ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/848620132/?random=1671589275513&cv=11&fst=1671588000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.thenewstribune.com%2F&ref=https%3A%2F%2Fwww.thenewstribune.com%2F&tiba=ggaw&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=421039788&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/848620132/ Frame 31D8 42 B
548 B 108ms
35ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/848620132/?random=1671589275513&cv=11&fst=1671588000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.thenewstribune.com%2F&ref=https%3A%2F%2Fwww.thenewstribune.com%2F&tiba=ggaw&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=421039788&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame F1D5 2 B
22 B 76ms
30ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1428703279&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&dr=&dp=%2F&dh=thenewstribune.com&ul=en-us&de=UTF-8&dt=Home%3AHomepage&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAUABAAAAACgDIC~&jid=1515051200&gjid=1172073877&cid=651578776.1671589276&tid=UA-48278079-1&_gid=1810981518.1671589276&_r=1&gtm=2oubu0&cg1=The%20News%20Tribune&cg2=Homepage&cd1=TNT&cd2=The%20News%20Tribune&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd6=Homepage&cd7=Product%3A%20Escenic&cd14=&cd15=&cd16=loggedin%3Ano&z=1676696326

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9D62 0
0 62ms
61ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufRiOtfNvs-31ULJ5zo6Na_TCSOVa66cgVdGD8aYKFgbmFfBfjLNnqrnXSl1-p64rxflLHMjQY2UNr9OE9rFQnYbs8vwby_3UykKwsf8cDKnCJ_RgRsPZmcv-8Fczn1yvHDeInCH4D5QCW89gc66ygSTJVlUKv2tXEgaUubQgu7boam4BRXwAqeKAma4wkY_5mTLZthZpHW7HEjUcdwAfvggIcG2nZxK-kMj5-cQbIucxf6fqaJRfcQ6pXXibUYJDPNPyK6Jzjupo6YxitKdcnRuTwtzda7p5Ch-opvlBRr2ye7MwnTd5jshFfPYOx55thSIE1t4UcyqNXC8THX7wz5bsXBkDxuxPpEcbHzg&sai=AMfl-YTPCTqxFlog5-t_evXub38XvIalEuVxa7gwLzRFM6nDDFQo5PeKdvStV1ALksaHszphacRJ4aoD1QGbUUYZN-vEYbfOu3Vuwwgeo5lQR_JVxWnQCjLjJXkrdtIfpEPg&sig=Cg0ArKJSzExdf2tSmTXkEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Dec 2022 02:21:16 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame 2D0C 43 B
245 B 115ms
115ms Image
image/gif 34.224.131.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjE3NTYzMjk0MCIsImVidXkiOiIzMTIwNzUwNjY1IiwiZWFkdiI6IjUxMDM4ODUwNTYiLCJlY2lkIjoiMTM4NDE2MzYyNDM4IiwiZWVudiI6ImoiLCJlcGlkIjoiMTQ0ODUzNzQiLCJlc2lkIjoiMTQ0ODUyNTQifQ&tv=js-3.0.160&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=10&tvcfg=all&tid=f1448634-8be5-48a3-8768-7756e303af6d&pid=37de7485-80b9-4062-acd0-682077198219&dtm=1671589276148&qnm=_matherq&visible=1&tabid=41806a3d-f941-4dfa-8902-5c6ca65eebfe&refr=https%3A%2F%2Fwww.thenewstribune.com%2F&url=https%3A%2F%2Fwww.thenewstribune.com%2F&vrefr=https%3A%2F%2Fwww.thenewstribune.com%2F&vp=0x0&ds=0x0&tofa=1671589274&vid=1&lvidt=1671589274&duid=f1b0187b-a65f-4e6b-bca3-37b28cd061e2&fp=983239506&cid=ma12095&mrk=74930801
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-131-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Wed, 21 Dec 2022 02:21:16 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 5D16 6 KB
3 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 18:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 21 Dec 2022 18:58:17 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5D16 34 KB
13 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 21 Dec 2022 09:40:58 GMT

GET
H3 200 d681b0ea493b86917629fde5a55da662.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/ Frame 5D16 96 KB
28 KB 27ms
25ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/d681b0ea493b86917629fde5a55da662.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f6bced2edd1fe6b5d65915df4e7784f948f6ac71f2d620000dcfa7287055b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 16:46:34 GMT
age: 207282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28783
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 07:50:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 16:46:34 GMT

GET
DATA 200
OK truncated
/ Frame 952D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4681233e2976482f51104bf6da715bf3a5bf1a81a4dd970f049a1d1680672511

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 952D 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8e47QNv87hfFiPMN9ehJkAOfFJhHyQ9EvxxkrejasYKid4Vw5BTiYIouhoPAWFus8p2-0JCwpmwN9vsVZbn7Oq0sDjsFtt8OITG8CNMQAG7q7HJe9yXF6b5-YnaLOUetwLrOt_dMgPpU_16_Hpisbp-PDWIy_3F_konT-4wzFaAtQ98n56zEjAruM7NcLKTD3vujm5yS-NztnCj2AnALflZQsm1vWaHD_ep9a68XatQvtpYlQo-j8zXwQFb9nookBmnPyVcdjvmQs-U5VL3Rmiwpd3KzFxwZxi1MWL0AY0yJZhcE2zv3FHxI9QbJlNUKZSPN3nXdC0q3GsFn-fidv0S7mvEtnMnBVkg5xOw&sai=AMfl-YTeE9EAB2utVIQlb0K-8UtFasL9mavCwXPSxVsGlk7o5vZr-uswfbAQGry17T1GqLv7IYzzZAJtypLj5U5o1uvjM7_rWopOp7nHntwOGUYG1mgXRYmMIRZW7Q6dS2zE&sig=Cg0ArKJSzAYdx-8VHhsWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Dec 2022 02:21:16 GMT

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/ 289 KB
104 KB 79ms
79ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/ooizl-ynbs/chatbot.9be61b379bd436b5a7bd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

75c14d573ca7ea5d7cdbe8afcefcf0cbfccae6f71ce146645fb2f72f68a4fc4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
strict-transport-security: max-age=300; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame F1D5 4 B
447 B 87ms
28ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-48278079-1&cid=651578776.1671589276&jid=1515051200&gjid=1172073877&_gid=1810981518.1671589276&_u=YEBAAUAAAAAAACgDIC~&z=1213037487

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Dec 2022 02:21:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ Frame 7C32 65 B
292 B 115ms
114ms Stylesheet
text/css 44.209.218.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-218-223.compute-1.amazonaws.com
Software: /
Resource Hash: b23499bc6db4024c90e88fbe67bde4383aaec46802e76cbd3aca96fc4912b5de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Dec 2022 02:21:16 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ Frame 7C32 0
881 B 467ms
116ms Fetch
image/jpeg 44.209.218.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-218-223.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 21 Dec 2022 02:21:16 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 26B6 143 B
166 B 69ms
22ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 02:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AE5C 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 20:42:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 20:42:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AE5C 18 KB
7 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:07:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Jan 2023 10:07:32 GMT

GET
H3 200 subresource.wbn
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 6345 0
51 KB 121ms
74ms Other
application/webbundle 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/subresource.wbn

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52381
x-xss-protection: 0
server: cafe
etag: 7065473307912138658
vary: Accept-Encoding
content-type: application/webbundle
access-control-allow-origin: *
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 02:21:16 GMT

GET
H/1.1 200
OK load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6345 2 KB
2 KB 120ms
120ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6345 0
0 74ms
73ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ch6cAm22iY6uaDu-RjuwPuYKkgAbevO_8a-OuidbLDfrDtNmFNRABIJjiyBtglfrwgYwHoAH42ci_AcgBCakCtMN6t-XPsT7gAgCoAwHIA8sEqgStAk_QNRgEDQDq8REsC8KmbL4k7lsB6f5FiV5LCEz0gpv72tLABpa8GhOD3F0OqGMgoFLh0hiw2fJnB1y4BpwggRBIoJ7fmAa64NP_pu7LlVULnl7PKlSN_rbFeCC7V84xQqhEnxQKMtdUvrfTZjEKflhbNZohJPhV2CGUB20222ce2auL2l0NgCHF91N4Ucnm9WGi-iIJqdCSBZRswMTB1JdMryjpd5ZF_hmCjI-dOD61YDEIkkBO8fsYfGWRUrNhn9rA-F7nDH-CQ5iCBKYH3dGE3Q7FeqaeJp2D8QdXCRONRiALP4eip2l26gqhvAUIaPdq_NZJ7v7N7Lp2L-xj2YAMaohybDI-kagMTT_73J_A4EOCcwMMTiWwwVeKzqeGo5ZbLLOXbIjto6jSZi7ABKfUn5a9A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeA1ta8AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCIlQbSCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAdgTDYgUBNAVAYAXAbIXHgocCAASFHB1Yi0zNDQ2MzA1ODU5MTU3MjQxGIbCDw&sigh=7Vvw9vE4jmA&uach_m=[UACH]&cid=CAQSOwDq26N9Tc25j4LGf0CUaRzCX4EysmPcMjabSbY_lGexD4j4fkWdcEYgVUnRdgV77yvlqr3rgAXJ458jGAEgEw&template_id=494
Requested by: Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 6345 24 KB
24 KB 130ms
130ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

432a0e678fd554e5e225965e0baf8ce42c2f047720d52600885f6e672b241674

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H2 200 pushly-sdk.min.css
cdn.p-n.io/ 27 KB
2 KB 24ms
21ms Stylesheet
text/css 18.66.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.css?domain_key=Nv2FlxP0ilQCLgZJ8iLg2qZHnsOUBRevIweT
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Nv2FlxP0ilQCLgZJ8iLg2qZHnsOUBRevIweT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-4.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 06:22:06 GMT
content-encoding: gzip
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
last-modified: Wed, 05 Oct 2022 20:36:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 72964
etag: W/"5324d6c6926b312f68532f29a3bb2aec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
x-amz-cf-id: rjg7BUlti0Lhf2WKH77ToPNzP-ieG10tGtAUxIqHz6ZV2qsJmO05NA==

GET
H3 200 subresource.wbn
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A32A 0
51 KB 89ms
54ms Other
application/webbundle 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/subresource.wbn

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52381
x-xss-protection: 0
server: cafe
etag: 7065473307912138658
vary: Accept-Encoding
content-type: application/webbundle
access-control-allow-origin: *
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 02:21:16 GMT

GET
H/1.1 200
OK load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A32A 2 KB
2 KB 89ms
89ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A32A 0
0 73ms
73ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cgu8Tm22iY6yaDu-RjuwPuYKkgAbevO_8a-OuidbLDfrDtNmFNRABIJjiyBtglfrwgYwHoAH42ci_AcgBCakCtMN6t-XPsT7gAgCoAwHIA8sEqgStAk_QSrtQlgBm_JfcIGskrvd1R4mUDBaazMrtXx1rJMOHwI6hxRpwT6ZuesYCr3adw6VtmOb9Dnfvlix4fq-a3R0bT4OqpCimwGaTTitVXbcmtpTjYmIgQ6OGw7NqDlkpo09mj8JumlyorZeJfU2TE-lUIFGHnrEmsHsdim-xY2gEXH-vwfag9fTNO2INYE69R1ltSmSzIpp2QJG8OYMYAyysSHCM9qLj9pnKrESO9RXuh0wliYkzaA6P5CfVs20u43w0LKpqEeW3vLyh_qJeXRordfDdRkwA43DdkvzaGmSLpbmgWg1u0CgCk5kUSQJ5SE4wr7l4qTSoP2UyvRzuSB0My4J5xcCp7z9_doX-JRVBcYF5yZmPXABDjiGIHY3BaeFBF5FVNzDvvYTSSXjABKfUn5a9A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeA1ta8AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCIlQbSCBEIgOGAcBABGB0yAusCOgKAQIAKA8gLAdgTDYgUBNAVAYAXAbIXHgocCAASFHB1Yi0zNDQ2MzA1ODU5MTU3MjQxGIbCDw&sigh=yxOMvafz8Sc&uach_m=[UACH]&cid=CAQSOwDq26N9Tc25j4LGf0CUaRzCX4EysmPcMjabSbY_lGexD4j4fkWdcEYgVUnRdgV77yvlqr3rgAXJ458jGAEgEw&template_id=494
Requested by: Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A32A 24 KB
24 KB 98ms
98ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

432a0e678fd554e5e225965e0baf8ce42c2f047720d52600885f6e672b241674

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame 2D0C 43 B
245 B 114ms
114ms Image
image/gif 34.224.131.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjE3NTYzMjk0MCIsImVidXkiOiIzMTIwNzUwNjY1IiwiZWFkdiI6IjUxMDM4ODUwNTYiLCJlY2lkIjoiMTM4NDE1ODA3NDYzIiwiZWVudiI6ImoiLCJlcGlkIjoiMTQ0ODUzNzQiLCJlc2lkIjoiMTQ0ODUyNTQifQ&tv=js-3.0.160&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=10&tvcfg=all&tid=0b3708f9-e6af-4fcf-a09f-09cac790a87f&pid=37de7485-80b9-4062-acd0-682077198219&dtm=1671589276210&qnm=_matherq&visible=1&tabid=41806a3d-f941-4dfa-8902-5c6ca65eebfe&refr=https%3A%2F%2Fwww.thenewstribune.com%2F&url=https%3A%2F%2Fwww.thenewstribune.com%2F&vrefr=https%3A%2F%2Fwww.thenewstribune.com%2F&vp=0x0&ds=0x0&tofa=1671589274&vid=1&lvidt=1671589274&duid=f1b0187b-a65f-4e6b-bca3-37b28cd061e2&fp=983239506&cid=ma12095&mrk=74930801
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-131-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Wed, 21 Dec 2022 02:21:16 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6345 38 KB
38 KB 100ms
21ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRsNN49MzKPNoepDps9gjxXY93gjr-dkfoCYXHcRURwzairPhlzrxApJYlrgg&usqp=CAI

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d99e718cab8c6b8660c2c9fa7d850dc5db3032d3e047677cbb199e11d522015c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 23:00:39 GMT
x-content-type-options: nosniff
age: 12037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38458
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 00:10:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 20 Dec 2023 23:00:39 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 6345 19 KB
19 KB 104ms
36ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRIcA5EGdrbtC6pEV7LvrfQjkR96YMxCMf2NeZDT5strxOHxwQSHW1iyra7Z_k&usqp=CAI

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e72be61571fe24e0eef51adb808234b76361bfb018ed9df2eab59c5b62a8fcaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 23:04:07 GMT
x-content-type-options: nosniff
age: 11829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19573
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 18:54:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 20 Dec 2023 23:04:07 GMT

GET
H3

200

6969611511364383186
tpc.googlesyndication.com/simgad/ Frame 6345
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC30-H4FxCABBiABDIIiaPx8GELT9I
https://tpc.googlesyndication.com/simgad/6969611511364383186

53 KB
53 KB

31ms
30ms

Image
image/jpeg

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6969611511364383186

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a6e8394ea26e885a192d7a6ed16969bb3a6fc8a63eab95dd357ff0831d71a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 23:18:04 GMT
x-content-type-options: nosniff
age: 10992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54076
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 14:37:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Dec 2023 23:18:04 GMT

Redirect headers

date: Tue, 20 Dec 2022 02:58:26 GMT
x-content-type-options: nosniff
server: cafe
age: 84170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6969611511364383186
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Jan 2023 02:58:26 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame A32A 38 KB
38 KB 121ms
43ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRsNN49MzKPNoepDps9gjxXY93gjr-dkfoCYXHcRURwzairPhlzrxApJYlrgg&usqp=CAI

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d99e718cab8c6b8660c2c9fa7d850dc5db3032d3e047677cbb199e11d522015c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 23:00:39 GMT
x-content-type-options: nosniff
age: 12037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38458
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 00:10:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 20 Dec 2023 23:00:39 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A32A 19 KB
20 KB 88ms
22ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRIcA5EGdrbtC6pEV7LvrfQjkR96YMxCMf2NeZDT5strxOHxwQSHW1iyra7Z_k&usqp=CAI

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e72be61571fe24e0eef51adb808234b76361bfb018ed9df2eab59c5b62a8fcaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 23:04:07 GMT
x-content-type-options: nosniff
age: 11829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19573
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 18:54:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 20 Dec 2023 23:04:07 GMT

GET
H3

200

6969611511364383186
tpc.googlesyndication.com/simgad/ Frame A32A
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC30-H4FxCABBiABDIIiaPx8GELT9I
https://tpc.googlesyndication.com/simgad/6969611511364383186

53 KB
53 KB

31ms
30ms

Image
image/jpeg

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6969611511364383186

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a6e8394ea26e885a192d7a6ed16969bb3a6fc8a63eab95dd357ff0831d71a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 23:18:04 GMT
x-content-type-options: nosniff
age: 10992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54076
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 14:37:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Dec 2023 23:18:04 GMT

Redirect headers

date: Tue, 20 Dec 2022 02:58:26 GMT
x-content-type-options: nosniff
server: cafe
age: 84170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6969611511364383186
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Jan 2023 02:58:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EDAB 0
0 110ms
57ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=730463028357692&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame 5D16 690 B
363 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Sans:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/d681b0ea493b86917629fde5a55da662.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71c81bc20d7d9e2006410eb27cb4cb86c01a8c6e0640422a22b4c6a4e735f0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 01:25:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Dec 2022 02:21:16 GMT

GET
H3 200 316c76594e81dbf72c23080d0cecd686.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/media/ Frame 5D16 33 KB
5 KB 29ms
27ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/media/316c76594e81dbf72c23080d0cecd686.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c3a31701ee4ccc6355f224186c9f12e787a9a15228308b59051f0fc0f674fef

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 16:46:34 GMT
age: 207282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4833
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 07:50:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 16:46:34 GMT

GET
H3 200 575369ff5f6f6acfd57deb9d75222a43.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/media/ Frame 5D16 5 KB
2 KB 30ms
28ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/media/575369ff5f6f6acfd57deb9d75222a43.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd0a79c9f6fe230a03c556ab5f3f0ff8b1c7fcac00f498e03bfa1e8c12864cbd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 16:46:34 GMT
age: 207282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1993
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 07:50:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 16:46:34 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame C391 36 KB
16 KB 52ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 16:41:12 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame F1D5 42 B
63 B 37ms
36ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-48278079-1&cid=651578776.1671589276&jid=1515051200&_u=YEBAAUAAAAAAACgDIC~&z=1011080291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame F1D5 42 B
63 B 83ms
32ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-48278079-1&cid=651578776.1671589276&jid=1515051200&_u=YEBAAUAAAAAAACgDIC~&z=1011080291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AE5C 0
0 32ms
31ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqrsMIDUnQLJPr5XBWc78ahuCBWreJ77PLoqLBaf9rLmseOM5O44tW-cOSQ--05DwHYFA5
Requested by: Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE5C 153 KB
47 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 02:21:16 GMT

GET
DATA 200
OK truncated
/ Frame AE5C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eafb5df512cff880735757c1c4d594641b197a4c0d494a47652f09d3f8cfbe01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 26B6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
36ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 02:21:16 GMT
expires: Wed, 21 Dec 2022 02:21:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 02:21:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 singleupload Show response
app.securiti.ai/privaci/v1/consent/cookie/ 67 B
406 B 210ms
210ms XHR
application/json 35.166.34.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/privaci/v1/consent/cookie/singleupload

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.34.221 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-34-221.us-west-2.compute.amazonaws.com

Software

Resource Hash

f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
X-Auth-Token: c90cbd37-3516-4008-9325-c228a23488e5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
content-length: 67
x-xss-protection: 1; mode=block

OPTIONS
H2 200 singleupload
app.securiti.ai/privaci/v1/consent/cookie/ Frame 0
0 188ms
187ms Preflight 35.166.34.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/privaci/v1/consent/cookie/singleupload

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.34.221 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-34-221.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-auth-token
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,content-type,x-request-id,x-correlation-id,X-Xsrftoken,X-Auth-Token,X-User-Auth-Token,X-Tenant-Id,X-CMP-UUID,x-xsrf-token,X-DSP-USERID,X-CMP-DOMAIN-ID,X-CMP-FORM-ID,isotype,X-CMP-PrefCenter-Id,X-ORG-ID
access-control-allow-origin: https://www.thenewstribune.com
access-control-request-method: POST
content-length: 0
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
date: Wed, 21 Dec 2022 02:21:16 GMT
strict-transport-security: max-age=315360000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H3 200 rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame 5D16 18 KB
18 KB 71ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 10:04:44 GMT
x-content-type-options: nosniff
age: 58592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18212
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:04:44 GMT

GET
H/1.1 200
OK window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A32A 3 KB
3 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A32A 18 KB
18 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

1d9b1f9c4fbd23c7f9122ea15bd14ae8bb7174503cf0dd7619728fdea75246ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6345 3 KB
3 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6345 18 KB
18 KB 0ms
0ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
URL: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

1d9b1f9c4fbd23c7f9122ea15bd14ae8bb7174503cf0dd7619728fdea75246ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H2 503 /
accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/ 0
0 185ms
34ms Script
text/plain 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 40 KB
15 KB 263ms
53ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 21 Dec 2023 02:21:16 GMT

GET
H2 200 UMSClientAPI.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 88 KB
30 KB 289ms
79ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:24 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 21 Dec 2023 02:21:16 GMT

GET
H2 200 lpChatV3.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 92 KB
31 KB 320ms
110ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 21 Dec 2023 02:21:16 GMT

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 8 KB
3 KB 314ms
104ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 21 Dec 2023 02:21:16 GMT

GET
H2 503 zones
accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/ 0
0 209ms
66ms Script
text/plain 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D16 36 KB
16 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 16:41:12 GMT

GET
DATA 200
OK truncated
/ Frame A32A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68c463175e3c4cd6d21d1b76b5f987d60f053241db42bea53d1b7886cdadbf2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6345 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee0a6f4c9dfcfec0fce1e8af5b5308253ef370a04ac365f2dc5856855af4ecde

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A32A 20 KB
20 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 14908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 22:12:48 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6345 20 KB
20 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 14908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 22:12:48 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C391 0
12 B 23ms
22ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fIGbrQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame F1AF 36 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 16:41:12 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame D0B4 36 KB
16 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 16:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 16:41:12 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ Frame 7C32 238 B
549 B 117ms
116ms XHR
text/plain 44.209.218.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=XDbR9bgzYgamKCe5q8YQuw,%20hXFHelqg_0qGLqDaoIkgLQ&is_js=true&landing_url=https%3A%2F%2Fwww.thenewstribune.com%2F&t=sapx&tip=v-JwkWRH4h7eWf4i-vpfKGrmQdo0STKfFoEt4z78Ej4&host=https://www.thenewstribune.com&sa-user-id-v2=s%253AuulabTL_TgtpolDkW_wF_Nly14M.5zhKJd1ps0V8%252F5AqzYOiwrLRJDVHe6RutaYvp7WE%252BoI&sa-user-id=s%253A0-bae95a6d-32ff-4e0b-69a2-50e45bfc05fc.oF2QtfyHe0eypQLasYHQ25lbk5gX%252BqkBBLQTmGgrfhI
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-218-223.compute-1.amazonaws.com
Software: /
Resource Hash: 68b8e71982e93fa7dd2f406283c640fa9e5cb2bcae72669d20f54012c428da3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 21 Dec 2022 02:21:17 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.thenewstribune.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 238

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 961 KB
300 KB 28ms
27ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

6622b5e1a9d93d6b5a2f4eb7a0556f802fb002e5efde0d0f4e3781a94776e331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 21 Dec 2023 02:21:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 952D 42 B
64 B 113ms
61ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstB2uv13WpSLhPLzXq8uzN3n0o4bY8ZstU-YoDeQQP9VCmz8YxS5JKEkmUm8BEr25ginhaw2eZmoRLX6xqYVnFzfsVg5y1udKNUB1s6VZvyrzeWJexw&sig=Cg0ArKJSzMfdDq2y8i1oEAE&id=lidar2&mcvt=1041&p=1102,444,1192,1172&mtos=1041,1041,1041,1041,1041&tos=1041,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3608025220&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671589275658&rpt=544&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE5C 42 B
64 B 68ms
68ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFNomivEONzRBZQhKFR1vf4LeJYDLbyahfOLSfGqYmhPhN3xjCF42ksqTGQ0ZGZqQLOsQFnKRp_EPyJkP31zrxrqBIk_IpDaizlYCJiWGH6URx7CLNthYfjMdUJEeFYc7MLtcfE_1jqBD4OCXwCOVmnt9ymNHnYVMtxpg93h_szTeMpn2575GugmPRdNL5BHPuto-bDoBLJ2KJblYnFm8dvoJh4SGG-hoiU6h3FnSafbDWlSy_OWK2h6qboGgVk6TriQJ2KukcucqvrOiODBL5oogNSg9fLqUKmekRjJYemhPSpr8VatOjmg-wQoo0_9LJeCro90HJDFodIcqSJonqr3MwSAv0kcchW8NNIP3qJT3ZFowgWNQKF5xTp5C-_hU14qNMEPEszoJoQlGs8iOKCWptBjI9FNn2nz6zIdmVVfXovvD6EVFvTnv_M99tdDaQ0otQthidjICcKQumCb5wylD5neYV8ODasfieRwXJRAb1bTyP0RwwjIX7ipuetiLsDC-qo_h2_kyXjvZLpDrQVq8-N977VNahTMrrshOOqlSf9OuPv6Kl2HNkatVl6ljr41Kc7hZmxoOIgIg9zsPSQA5ygQ-NFqbJmnbR6iO7NogEbSByV6irs5rq2mxxP9trEkgit2GSd_O522BXls90PSRjXZMQupmZWavgjOjT1XfV2MTqDaEiTHZNEu9Hn-b95kNtNaqNI6AhshYKeGOvN4JqFIKTjNFrLmfQ995bgMR5pLjTo9uItaEIZoJ-ugKhvsA1waWzQF4WaXFYXGZnR7vygkWHGsia7UojhI3JaHO70iKmmhmDvenTTUcI1nXq9yJtAlQod_jLQFl3v5OPS8e9pxGfRiR9bDqCQALFVKl24QzaXb2SFGKXDleNytZD3P8T27VLEbfh81L4by4RwrfzCDPx8VrtAFRT0B87psj0ZEjnIUb2yFjYwxGwXroUilTC9z48oK729tAq7OKyPCWpfPJ1nGiRdKvYyIt9BqhlSgqZt3zzHfNdPMkxGmaCI3aBhwJY0GJtecU4Y7yfU345qlQdzdsFGhrFjit9PNSXNdcL-rpjfhyzo-JvtULBa1quW40OJ6eA8ubTRUkUMr2WJ7eTugPBpOaDWGz-DiagNA4LFe09dL71Qf_8ZzpbbVB4BD0Mj46EFyH61UV6&sai=AMfl-YQRSoWrAve_MjZANB8BCQszalH93jY2WnmK2NexzNZg5_0p2MBukaROEGgFtqPWIVlGj5Pm3ddU5OSmn_fdZgHTsIPumf_d8KpyST21SYE8BlxKs1aySzs_HS6_y3Xq5ukfBM-iin3yc0w&sig=Cg0ArKJSzOj5aH117ni7EAE&cid=CAQSOwDq26N9Tc25j4LGf0CUaRzCX4EysmPcMjabSbY_lGexD4j4fkWdcEYgVUnRdgV77yvlqr3rgAXJ458jGAEgEw&id=lidar2&mcvt=1000&p=87,335,267,1265&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3169226637&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671589275588&rpt=875&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Dec 2022 02:21:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120601&jk=730463028357692&bg=!t7SltPDNAAYgquz3AKo7ACkAdvg8WmgJU60fz5pv7Qu9YUxU9R7j1TJER2bngpUKHu33zzEzBcEcNAIAAAG4UgAAAANoAQcKAErN1-ezsfFKPwtg48C1GrRBOazSJixsLW43_CqY4AIbUCuAq4ITwZS8OSbwwP5DENt5kHqk-v4g9GYH0hD3mtsLcilUTdta2bZJBJkCxV2cporreZWh7qXbAA-wQ5kZwQgQUfnbyLgGUesi41QT4q4zhVW0WRMfyOu9_oxaA5HF0LXCYkKnO_OdBSApDj1IURHUnZvj7b4Ej2op-2ilt0o85UNb74v8gOnc9RdBfXMZmwJtoMu6QNox1ztcx03lZdJwQ8Tljh4a0oQuMjQn-pfTKHPEbEIDmBHbPuvTyIYbYbE44rq1vZkQfqeCnCLhsamixD-Ue1m_F7WuBCioATc9hvilBP25q6hFbUSOfxL0JTsTOM053QTXDq8WkbSyVoz8ggTFx_VcbV_7hID6O9MVQ_aOkghO5gzuZAMf2GE3ldiBON0YCS9qlAIA6wuzYtZ8SzgHh4qPidbNeUDebOLLfDcL9yPYYOmiK8KdFaAiV_4nWCh4giyKmoxqzfkRjmmxVxraPmpmhfKSU0yArQ2Obp3iVGqVFUQb1UFinymjZmPdnfpeLfL4GRjXcdwQhYCsLaUjhYNTME0FEmY6kjDPazUtixRpttJ0T6rTy3MIVNKj9EO9M7OafRbpKArEdwUGOZBgaZf9TWHzgEOMLuXqdTyiOTcpZ3rYEtuEKVYd1_sm0ppHX7_nzcgCdXNtWIv_7CZatcfP1APgQ7_VCU2qVZuHWLtEv4-NaFTRFkQFViSKTr089001aK_BRnXwlzyawJyXAc5y3GxvWEkLyacsv5N7yjzp7REHDECb1F3BEDbXU07NiLgdsSAPbCzs4D9kgrNHvzwB8q2eZCd-hcCPzSwLRXT6OyIbG2QalCMOZIo8sQ8ud53DYFfnCOIZfHMmTlcyiYbSLAkkWSPKQrUpjfM16e8vOiulLFVKcCCVHQnM4dl0EzJGhx4DOz9fzT6xMmXqLj-qKmdxl1rzlxfo1ZdI7xupysIBZ-nbsKsDkNKI8bhm-C7AgVoSXKu6dWaq8jUmlGj7RkVrLK89pLk_l30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 /
www.facebook.com/tr/ Frame 1FAB 0
15 B 29ms
29ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=Microdata&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&rl=https%3A%2F%2Fwww.thenewstribune.com%2F&if=true&ts=1671589277625&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22fbp%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=2&o=30&fbp=fb.1.1671589276088.1095772798&it=1671589275491&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 21 Dec 2022 02:21:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/ Frame B4F9 39 KB
16 KB 28ms
27ms Document
text/html 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Wed, 21 Dec 2022 02:21:17 GMT
expires: Thu, 21 Dec 2023 02:21:17 GMT
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
x-cache-status: HIT
x-content-type-options: nosniff

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/ 37 KB
15 KB 54ms
54ms Script
application/javascript 178.249.101.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&force=1&env=prod&isCrossDomain=true

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

am-lpcdn.lpsnmedia.net

Software

ws /

Resource Hash

a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 02:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
server: ws
x-cache-status: HIT
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires: Thu, 21 Dec 2023 02:21:17 GMT

GET
H2 503 refererrestrictions
accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/ Frame B4F9 0
0 34ms
34ms Script
text/plain 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/refererrestrictions?cb=lpCb8511x60512
Requested by: Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 503 refererrestrictions
accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/ Frame B4F9 0
0 34ms
33ms Script
text/plain 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/refererrestrictions?cb=lpCb35903x32474
Requested by: Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 316c76594e81dbf72c23080d0cecd686.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/media/ Frame 5D16 33 KB
5 KB 23ms
23ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/media/316c76594e81dbf72c23080d0cecd686.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/d681b0ea493b86917629fde5a55da662.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c3a31701ee4ccc6355f224186c9f12e787a9a15228308b59051f0fc0f674fef

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 16:46:34 GMT
age: 207285
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4833
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 07:50:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 16:46:34 GMT

GET
H3 200 3f2fc5ba645447b513a75cbd62e0234e.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/media/ Frame 5D16 8 KB
3 KB 23ms
23ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4204414533974691611/media/3f2fc5ba645447b513a75cbd62e0234e.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98dde1ef4bee5b029414497f78b0e84ce767d2abe32ba277d896fb89e16ad762

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Dec 2022 16:30:46 GMT
age: 467433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2946
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 07:50:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Dec 2023 16:30:46 GMT

GET
H2 503 refererrestrictions
accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/ Frame B4F9 0
0 33ms
33ms Script
text/plain 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/refererrestrictions?cb=lpCb16561x85585
Requested by: Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

POST
H2 204 event-stream Show response
k.p-n.io/ 0
124 B 243ms
184ms Fetch 52.57.182.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Nv2FlxP0ilQCLgZJ8iLg2qZHnsOUBRevIweT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.182.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-182-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 21 Dec 2022 02:21:20 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 75ms
22ms Fetch 52.57.182.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=Nv2FlxP0ilQCLgZJ8iLg2qZHnsOUBRevIweT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.182.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-182-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thenewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 21 Dec 2022 02:21:20 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

GET
H2 503 refererrestrictions
accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/ Frame B4F9 0
0 33ms
33ms Script
text/plain 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/refererrestrictions?cb=lpCb60660x41828
Requested by: Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lpcdn.lpsnmedia.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 postmessage.min.html
va.idp.liveperson.net/postmessage/ Frame 90F5 0
0 454ms
108ms Document
text/html 208.89.15.170

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1671589281802&loc=https%3A%2F%2Fwww.thenewstribune.com

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 -, , ASN (),

Reverse DNS

Software

ws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding: gzip
content-type: text/html
date: Wed, 21 Dec 2022 02:21:22 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cf-images.us-east-1.prod.boltdns.net
URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/7192fbc2-a9b1-4a6f-ae7c-6f7f515d53dc/40ac7aab-1009-484a-a54b-7f8993259d6b/1280x720/match/image.jpg

Domain: cf-images.us-east-1.prod.boltdns.net
URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/8d55dfe8-630f-4b7d-8f32-301469879db5/5810e08b-6a65-49d5-927c-c7996520926a/1280x720/match/image.jpg

Domain: cf-images.us-east-1.prod.boltdns.net
URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998024001/0521bdfb-55d5-47dd-a3a5-6190dac8ae2e/3b1d27d3-6fe0-4573-bc2e-48bcbf2e17a5/1280x720/match/image.jpg

Verdicts & Comments Add Verdict or Comment

320 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
n817.thenewstribune.com/DG/DEFAULT	1970-01-20 17:55:49	Name: BCSessionID Value: d1350bba-9601-4e07-8db0-e45fe28bc013
mcclatchy.blueconic.net/DG/DEFAULT	1970-01-20 17:05:25	Name: BCSessionID Value: d1350bba-9601-4e07-8db0-e45fe28bc013
www.secure06an-xfinity.duckdns.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 75803c034485d3025d56e35c2b484ca7
.demdex.net/	1970-01-20 12:39:01	Name: demdex Value: 22915593495693395901934303105514401542
.doubleclick.net/	1970-01-20 17:41:25	Name: IDE Value: AHWqTUkbfkew3EI0ZZOAYKcjHUh2JN6IVgkIjo0vXSa0F4uCoPK_ZvvEvlw7EEdZPyM
.everesttech.net/	1970-01-20 17:05:25	Name: everest_g_v2 Value: g_surferid~Y6JtmQAFiANsYgAo
.casalemedia.com/	1970-01-20 17:05:25	Name: CMID Value: Y6JtmSx2BU5LDjpDNTgwMQAA
.casalemedia.com/	1970-01-20 10:29:25	Name: CMPS Value: 1155
.casalemedia.com/	1970-01-20 10:29:25	Name: CMPRO Value: 1155
.thenewstribune.com/	1970-01-20 08:19:56	Name: ak_bmsc Value: 61429FABFCD1889F8A69E61B418C72E9~000000000000000000000000000000~YAAQnPAQApJ8NzGFAQAAJyF8MhLG/9ilg/skbLXtofZcT0+gjnlENBKT1GbEdASUADapqFiFor4ik8GK6BLKIhN/1mCpgd3kIeU8G5hs0hyktnRivWOLtwSxAzX5mfkOGaLwBJjWtZf8zXxzyOHX2xYwNmhHjKY5HeGlGlFOmW6w6NoXNSicfk0Fq0rHagdOEYCfxrmTlhXjntaakjok+FCLjMqZ6niw3V89NUqFTWIiLc4a70D6ThvuYVQBEMDRZ5fgoympVk5FNg+yJkUEsAmvbWpXG9etbscfNepqpbcLQcAgO9WNQ0wEqVpUUjHU7poQLI3hVJZs32qkFVmQtkDqwA24TwfTBsQ6Q+UkpD6aQWvfq9UX4Umf93QIZVXqNf6xpaLxuHpsCzaRjARVzKgOzWh3OixXTWG3JIYieGQar9qxmQlAaC923vlpeYvSVcQ/4I/gGN8emb1HRPUws/m3OPtRC0aGr1gJPToinHrfHc9bkAfauHceUvN+9v21jJytfCw=
.pubmatic.com/	1970-01-20 10:29:25	Name: KRTBCOOKIE_218 Value: 4056-Y6JtmQAAASfnZAAZ&KRTB&22978-Y6JtmQAAASfnZAAZ&KRTB&23194-Y6JtmQAAASfnZAAZ&KRTB&23209-Y6JtmQAAASfnZAAZ
.pubmatic.com/	1970-01-20 09:03:01	Name: PugT Value: 1671589273
.thenewstribune.com/	1970-01-20 17:55:49	Name: adcloud Value: {%22_les_v%22:%22y%2Cthenewstribune.com%2C1671591074%22}
.postrelease.com/	1970-01-20 17:05:25	Name: opt_out Value: 1
.thenewstribune.com/	1970-01-20 08:19:51	Name: _ml_ses Value: *
.dpm.demdex.net/	1970-01-20 12:39:01	Name: dpm Value: 22915593495693395901934303105514401542
mcclatchy.blueconic.net/	1970-01-20 08:29:54	Name: AWSALBCORS Value: VlDzBvIBZIleIThiD+M/k65OXmYZIR+1oTy9DwGw6v57X+Ncqb+8NR2Nao91fIMGRiFpxuVgieZ54sFUEieHFXZJMiW4niGY5CMPQEhCqQOtzq1qCwWW73RnBbeV
n817.thenewstribune.com/	1970-01-20 08:29:54	Name: AWSALB Value: DzY6PBA0gmak2gEN7O74ifp2GdDWfo7WjqvVbvLtcF0aB0oL4ou9MvCZqiG/A7znjSXJmDdLEcB4Aw+emi23bZLK+0sX3oRbNH2DT/ZZlqDKKKo1/fQoK9cltpCo
n817.thenewstribune.com/	1970-01-20 08:29:54	Name: AWSALBCORS Value: DzY6PBA0gmak2gEN7O74ifp2GdDWfo7WjqvVbvLtcF0aB0oL4ou9MvCZqiG/A7znjSXJmDdLEcB4Aw+emi23bZLK+0sX3oRbNH2DT/ZZlqDKKKo1/fQoK9cltpCo
.thenewstribune.com/	1970-01-20 10:29:25	Name: _gcl_au Value: 1.1.101453419.1671589276
tags.srv.stackadapt.com/	1970-01-20 17:05:25	Name: sa-user-id Value: s%3A0-bae95a6d-32ff-4e0b-69a2-50e45bfc05fc.oF2QtfyHe0eypQLasYHQ25lbk5gX%2BqkBBLQTmGgrfhI
.srv.stackadapt.com/	1970-01-20 17:05:25	Name: sa-user-id-v2 Value: s%3AuulabTL_TgtpolDkW_wF_Nly14M.5zhKJd1ps0V8%2F5AqzYOiwrLRJDVHe6RutaYvp7WE%2BoI
.thenewstribune.com/	1970-01-20 10:29:25	Name: _fbp Value: fb.1.1671589276088.1095772798
.thenewstribune.com/	1970-01-20 17:55:49	Name: _ga Value: GA1.2.651578776.1671589276
.thenewstribune.com/	1970-01-20 08:21:15	Name: _gid Value: GA1.2.1810981518.1671589276
.thenewstribune.com/	1970-01-20 08:19:49	Name: _gat_gtag_UA_48278079_1 Value: 1
.quantserve.com/	1970-01-20 17:50:03	Name: mc Value: 63a26d9c-20090-d4e7d-855b0
.thenewstribune.com/	1970-01-20 17:55:49	Name: _ml_id Value: f1b0187b-a65f-4e6b-bca3-37b28cd061e2.1671589274.1.1671589276.1671589274
.thenewstribune.com/	1970-01-20 17:44:18	Name: __qca Value: P0-451119471-1671589275480
www.thenewstribune.com/	1970-01-20 17:05:25	Name: sa-user-id Value: s%253A0-bae95a6d-32ff-4e0b-69a2-50e45bfc05fc.oF2QtfyHe0eypQLasYHQ25lbk5gX%252BqkBBLQTmGgrfhI
www.thenewstribune.com/	1970-01-20 17:05:25	Name: sa-user-id-v2 Value: s%253AuulabTL_TgtpolDkW_wF_Nly14M.5zhKJd1ps0V8%252F5AqzYOiwrLRJDVHe6RutaYvp7WE%252BoI
.doubleclick.net/	1970-01-20 08:19:52	Name: DSID Value: NO_DATA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/?cb=accountSettingsCB Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/refererrestrictions?cb=lpCb8511x60512 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/refererrestrictions?cb=lpCb35903x32474 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/refererrestrictions?cb=lpCb16561x85585 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://accdn.lpsnmedia.net/api/account/2196236/configuration/domainprotection/refererrestrictions?cb=lpCb60660x41828 Message: Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
accdn.lpsnmedia.net
adobedc.demdex.net
adservice.google.com
adservice.google.de
ams-pageview-public.s3.amazonaws.com
api.bounceexchange.com
api.lab.amplitude.com
app.securiti.ai
assets.bounceexchange.com
c.amazon-adsystem.com
cdn-prod.securiti.ai
cdn.confiant-integrations.net
cdn.keywee.co
cdn.p-n.io
cdn.parsely.com
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d15kdpgjg3unno.cloudfront.net
data.cdnbasket.net
dpm.demdex.net
dsum-sec.casalemedia.com
dyv1bugovvq1g.cloudfront.net
e.cdnwidget.com
edcf59b6add595af67521ef0143ed10d.safeframe.googlesyndication.com
edge.adobedc.net
edge.api.brightcove.com
edge.quantserve.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geolocation.onetrust.com
googleads.g.doubleclick.net
htlbid.com
ids.cdnwidget.com
image2.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js.matheranalytics.com
k.p-n.io
lasteventf-tm.everesttech.net
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lpcdn.lpsnmedia.net
lptag.liveperson.net
mcclatchy.blueconic.net
media.thenewstribune.com
ml314.com
n817.thenewstribune.com
p1.parsely.com
page.cdnbasket.net
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
protected-by.clarium.io
pubads.g.doubleclick.net
publicapi.misitemgr.com
rules.quantcount.com
s.ntv.io
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
stats.g.doubleclick.net
storage.googleapis.com
sync-tm.everesttech.net
tag.wknd.ai
tags.srv.stackadapt.com
thenewstribune.com
tpc.googlesyndication.com
us-u.openx.net
va.idp.liveperson.net
view.cdnbasket.net
www.bellinghamherald.com
www.everestjs.net
www.facebook.com
www.fresnobee.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.mcclatchy-wires.com
www.secure06an-xfinity.duckdns.org
www.thenewstribune.com
cf-images.us-east-1.prod.boltdns.net
107.178.250.234
107.23.160.177
108.138.4.150
13.226.2.111
13.32.121.21
13.32.121.60
13.32.28.197
13.32.99.122
13.32.99.38
13.36.218.177
142.250.185.194
15.236.176.210
151.101.130.132
151.101.130.49
151.101.66.27
16.170.180.228
166.108.36.240
166.108.36.245
178.249.101.98
178.249.97.23
178.249.97.99
18.66.100.58
18.66.112.4
18.66.97.43
184.24.0.132
184.24.21.142
185.64.189.110
185.80.39.216
208.89.15.170
2600:9000:2127:cc00:6:44e3:f8c0:93a1
2600:9000:2156:1600:e:ec66:e40:93a1
2600:9000:223e:da00:5:82fd:2500:21
2600:9000:223f:e00:12:1bf:30c0:93a1
2600:9000:2490:1200:11:b309:9100:21
2600:9000:2491:c800:16:f649:1500:93a1
2606:4700::6812:106b
2606:4700::6812:1b55
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2010
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
3.236.169.96
34.102.180.93
34.102.193.48
34.107.191.194
34.111.234.236
34.111.8.32
34.120.253.250
34.149.202.102
34.224.131.223
34.246.233.4
34.249.28.111
34.98.64.218
34.98.72.95
35.166.34.221
35.227.254.22
44.209.218.223
46.137.71.247
46.51.201.242
52.216.221.81
52.217.65.78
52.57.182.252
54.155.18.159
68.183.188.96
69.173.144.165
88.221.169.59
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0025b4565edf4c7cfc56348ffbe82d06aad15d8950c48e32e7aada9668cac068
01e865a13312e960b5e6b9ae86272987f3e2c240d9256b82bf40dd0529d3bab9
024dea2d4ebaec53d0aca12344ab0b5dd96afa52fc8f063a608085674f0536a6
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07f5f7f3abaf3c6111a64319185cd36e59ca5124d7e9df78b93f9d1b810d9feb
0a3b5da8448fcbd9dc8e034663ee2649332c83a67f12b7c54d11e9880e9efce9
0b710e0f678afcee88d65a3857f16a5455c52b1e948bd6565309db3bfc85e0e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
110d03583f0dee97872098b516fa66568f378b5d337bcc91b79c42b9d4a5f693
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5
152131a6267a21f10489e687d5f7e48ac8eefc54db6a978d6cd0d8ea4e148650
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e07d2e805871c64b625eb03c950fc77cbbdb707a26493fce307d39f4571524
19077ed0387541633bebe693427f72a78ec7cc5fbef9be817786aff9f54858d0
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1b8ba4868781f0b66efefdaa399da69c291235688dd9123ea45d31a44a6992da
1bb9a4e479c09da4d37e5e5bf46aa215e1ae632d47df8283735464ad43a5b921
1c20d8ce6603049b9aa5ced95b275b75208d205306e8095909fbfd65e945a149
1d6d3cae3d9267af2551c741c87cc2a0540481422a63ab3b96cf11d7b81d34b2
1d9b1f9c4fbd23c7f9122ea15bd14ae8bb7174503cf0dd7619728fdea75246ad
1f156f7606c83a5b8d821fe2c00e18612a17e1765aaad3662cf28c0b1969e198
1fef013c1c2efb6a9abf8510ff88054861f60b56b50d276fd3925ec7fff2047b
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
23272225d63e70bde580c9c76c3e9593eeb4995983e51218e37eb233dfe08515
233565e64aa57aca5c78d31c778b9d8ade9442a033aa3d04fb7497c1551c0892
242013aa9859153b059201f37aa2f3ee54042ebdcd50b6ed96aa4a9d2ae5e4d7
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
266be4aa37118811719ba09834022daa666e401434bd3866a851c29704b36d19
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
27ee88fba4383c650fbad29f4831e3ea3e50723ec500fe42958171d9cec25401
292ca9e09a900cde3c17a06720d49db893fc24582958ff8ebad02b22b1a5cbcb
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2c209cd92b9532c63ed800dc6e82cc54ee5c860603cfc3940c00084203fc81f4
2c2d839942cb9548ad7447ed4fe2bd45e0c84b4eef108fd5c6ec085b0e2405da
2c392b8be4a90abe27bb228727d79c85c572774a605d1d37e5f023e11ccf19db
2dd936d2f0d48977829a08b5a98b1277e98ec40bc5d0fffa78023206f85f7855
2f8bb74f2466ad1f2740c7901695e0c4d90aa57f32cd9bcdcd5351e0a1fdf1e9
30d47a6c910e4ef2a4434903a30f1f289c008551250fc6bd2c70651e0761705a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32f10a9c73e179757b72ff2bc19727bc88901b68664d54881844b1e97cc0868e
335bbe8921bc8b8c1216d534a510b15dad02045931d80b982d5948cc78b6e6d2
359ca6d9de759ae6cc10299b0952d454830da1b9f1109146dc4626685b898258
36e04bcb421a2adcdd0265b94a9c26b7b8efb84a2ef1094e012408c72ee2731a
379f9e5b00a8989947938c2ea7b8bcefa55a4217ab32fbe3fe41df71906d5488
38c6a2d5b4a654ad9062ea9e6ba8632e6396ebeaa2943020a0897b9f7e038519
39ad57ff1ca593f8f82e3d0c022fdfeecbce3c5e487d10e73b0c26fca3b94db6
3a3bea88da4953ef0130c1b8042c9c248e4e5601533d91856ff1d8d49e2d474c
3b8a4381e1e8ea803ff4e66f0315f9ea5bfdedecf23f57e609d488c917cee47a
3c4501f00a895cee2b6a92c2ed2482c3fdd3512febac899e30533a48bfcbd545
3c925c807cc1b490519a3d005045d08329d8cf67682fe53c0b4aa2018ef1f713
3d4035e709c3856b025a4783eaab5d50a5fd43d9f08bddbf99dc97f133d3f169
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
41a6e8394ea26e885a192d7a6ed16969bb3a6fc8a63eab95dd357ff0831d71a5
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf
432a0e678fd554e5e225965e0baf8ce42c2f047720d52600885f6e672b241674
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45f08f27c7337d189e8c31e635b5d0a0781b273131135cd77ee8b6f12366e7a2
4681233e2976482f51104bf6da715bf3a5bf1a81a4dd970f049a1d1680672511
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
484180efc7548d96869e8a2d5e12feb8249fd4494ec70cbec7de6afc3cd0b3d5
48f08678e02e62a5a40fc22ecb0d4e4cf56a7128c65d8c61c3da35eeed607623
4a5ca62ea2dc8c4a9f826a9f047cc12c5ec311a9dec85e850978a7aa9f4af1af
4b228f3d327586f6a4496da45c54db8d2dd6fdd1320f776b955fa00b09c8c430
4c3a31701ee4ccc6355f224186c9f12e787a9a15228308b59051f0fc0f674fef
4d7a61d537d5d760873c8a3382cd94843074a083d1dee675df4921aa876d3f35
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eafe527720a57f38f56582f14808a90af591621f7c37b6aee22c6524f479531
4ec6e20e8d8fbe9338d338befc0c6485e9338c8c3eaf24ab594d189f5f86af55
50a57cb4985deedf7bb498bce30400abe703ffdc6beb0d158475d5c6a6c6a10f
524b1ce441567fce83af7e7dc1b33dba588b073cc6308dc86faa62b7862464b8
52c9ab42f1114ff3114cd2982fdb84dadac85133bd2bb23874ed98537e8e5b2f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
568c451356216bcad0be9a07f979d3a732ddfdad3d31496dfe3385bf321fe4e3
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
58c1c5f33f3cabdf3ec6997934a5dbb6527717d8d406e0037d08acddfa9807b0
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a6a1024807e3504d93d0fc26e07281450105e97e36169a178243b9856dad356
5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10
5ea9230176a3122f6b192ed19401210ddac7a452404de7a63491608721c72af9
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3013245f4ee591e331364ee5044664a65048925168bfee28037bb16082f5b2
6030447fd8de7eaab09a30abb6d458b1af476fb92bd51debafd38633136f8bbf
60854df78736c718f1a853d0d06ad8156a07c478487ac064276b6381bf262563
60c67b61c036e739d02f7ede3743012003c6bf06788c9fba601b65983c0a0ab3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
650587719d00d216eff81b7a8feade391863ace124e282d62018b1df5fd75f92
65506e8cec16ec70de94523c92f3a9e2103c276cc1f33080c5276aacd49a2232
6622b5e1a9d93d6b5a2f4eb7a0556f802fb002e5efde0d0f4e3781a94776e331
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
6744210f688494b27c48e2efd47f4bc07c2b3213dcb7cd9562243821f598e8f0
68b8e71982e93fa7dd2f406283c640fa9e5cb2bcae72669d20f54012c428da3d
68c463175e3c4cd6d21d1b76b5f987d60f053241db42bea53d1b7886cdadbf2f
6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261
6952c4a4aa1fc82d1402fd360f1f073aa47afb0cb35901617970950feca316a4
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6aa726e75228ac6cf59c93e23a1b5438925f0375514c11427ed31f97cefacee4
6d79d8863c5872b67109d566cdf248f4373c42174919d6c274bea392ad6308a5
71c81bc20d7d9e2006410eb27cb4cb86c01a8c6e0640422a22b4c6a4e735f0c5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
751d553428d5a12f48713eded93b897b76a86182d7636ab668da62efaa55b100
75c14d573ca7ea5d7cdbe8afcefcf0cbfccae6f71ce146645fb2f72f68a4fc4b
75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6
760fdda5f8b07a601d474e9b8bf112803f3ea71ad5ace3bb556b3a93218a2ebe
764df958623e81ae49b597536c4f788d01b6d7d5b6fa5933868a4fd691e379df
76caef6f679b05b758f3d3b7a5bd82ba1764fd5811c08aa0ffdcca89bbc9a6d2
798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7b0f51ee5400fd66a44bf55bcf94ad8287d59833e45b96037344cb285c0b67ff
7c96c3b81eeecd9dedb66b10f3ebcde82b970f511c80a6f54aaaac0a52626e9c
7f1b16eaedbed2350b3f7f27dff10f5fbbce59bcd490b57f553dc638e0999143
7f3fcf242977812fac5c2ee6aeb7c76cabb08441350636e219f5ad2df74348cc
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82974b4398437d4fb787a1ee7ba612d097572e6865ce0b730a72b8356a7b560b
830cac2a8908afc16e114cd8393040e1cf11977a968af0c0dd052d592868ea16
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855b336540e9460f01d5d358d35d24748cbd20db695e0d41f6945cdbef07b7e8
861800a5f92c43690112a0dd11d031424bd6972effad3221efab1df2528dab95
862cc29647e2bfc9567191b9475cda431dcaf80f556578d21cea3dbee24da5f0
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86b1ee29b2a05af1d09b09d013c8377c25326858975f42c82e27811013b94617
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
89959989fc6953c080ffc7ddd6fd58ccd1ea151557cf13e1e8f00d54f12df4a3
8b77f571208a0eb6891d6e3e3abb22802b57c0f1efc364215a955ab9d7cab282
8beb8e14fae48b4d27d511b3ecfd31d686862d0ae6885c19ef1c488c79dde62f
8c5bf6b2240ae5d5a9f66ca1db2bb6d97e1712e28362e0b1fea61583f533289e
91967c0586b18289b2492b3b2abfbeb611a36d4a0e249d14efce99eff7af6204
92fe827b33f7918ed22bd4b614e81b7a15b1b9b43df021648eb33861ddb28896
9366be9dc7f0c13655e2a45ce1df32f55b937efc0878b30954969c88151f1482
943c86949eee24ae98134e6f35c38c124aaa52b2621bda54dcbd4fae292ffe52
949b0b9bf6768359f6f85d4b5c112de352e47a7f476f0f47c1574a1e26f3f8e7
949e2886f2710abf4b3f39bc231ce4462d477f62bc6e958ce17804d82e293466
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
95c9d55236c9738e63958cae59ad3e318e1878aff5ca8af40bf2eb24f67ff0b3
962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7
97cee0b4094231f93a768249e8a3b8b084bf9ada186680f9f5d9dd7fdc1cbc52
989452e4449bc3fbf39cf293bd39dc561a02f5e56eba451d16d11995937dc80a
98dde1ef4bee5b029414497f78b0e84ce767d2abe32ba277d896fb89e16ad762
9a3b0bfa12d811192b83c90de77d01b7cf811dfc4f4bb6764c2f931c59659055
9b343f5b282fdc27b539204023977f6577848992348b1e7df65b437a4ccb6999
9cc747c7ddf91c1b85a1128611dee99625705a16c55d4c60e4061aa50b6f0194
9de8287131e2598e3407c73ce9501c58797c1c8180e729b8420e6ea793654ad8
9ea0f19e962c7a83808a97c45edf616ce5bf9362864c1f1ef67e091336201007
9ea5989732edb102b37fbcd59e7f4a843c05c36af1e10750e00477c9f9c27f09
9ff8be4caae44452d25370811829bcf0de87a264bc6dab2b9c45ec89b57b7c8c
a0107a6693b6ccde2883d4ad8f80a8a19a8278c5deb30f75f7dcd10292258e60
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f6bced2edd1fe6b5d65915df4e7784f948f6ac71f2d620000dcfa7287055b
a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04
a344d4c39d7f2c3be22d25f42778f132f3b154494dc03de8ca404f2d8ecc771c
a4561da777935fa07b41fbb1e3ade995d20c92560e803303f6f7e0d8fec27ff6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8f221f028cab6d2619c4c624a1be0044cdea534580268ef8e26eced08d61f27
aa942a3ff91212dd6dda93102aed00df77c56644f51aebf6897cba98027f3019
ab3c3c284b61f45b8a1fb3b068f038a60a7e157b5345baebc290e11ded074304
ab80009b4b89bde5dad1b4ddfeceb50398e60997afc7bd6d5d29267b8dd21544
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad8704323a343240bd16d1407038640e7e4db94a0399ae26fb969971dd05e6f0
ae4ebf47a893af26c9f146af0f337b50b181a99d0aaf217caa42b287e75d42b1
aeb75a195a5313f043a0926141eabb1b2bbd29bf730f42ee973916f7c105d627
aef582d4ee037e108e56f1442cf924b774f53206e4837fb8ade115ccc1e444cc
afb7ea80d0b74fc7796d4ca51b5d473e97ffb4f0aeceaa9fac033992b4c29955
aff7b119bcfdca1284aef4881d39e32b2a4598e920c698f88c31a5c6494ca251
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2286ec341537b6ac60edddc2db84438c2cce9c6629f3cd633ae139d6cd741de
b23499bc6db4024c90e88fbe67bde4383aaec46802e76cbd3aca96fc4912b5de
b38316b8854856c90a7249b74cd6c67c0c9980395d726089ccecedd64e0cbac5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b72652b56ae330db8cc49c32017990eb5292f236b0e4618c327d1c686d9f6608
b9f65b633a49a499a034c954707d726a90d5571ec8fc571eb7c5e4e59e9b3108
bc21cd63148182df5b237359c9a6c017f90f5dc3d3427684fef1c8011c221071
bd24c662d59b09dc2750610bca4aa94d397a00dd217f9590ad8fc6c0ac93a389
becd124e0894570d928778df3677413aa7c44cb86e63e4592ccb117d3f2a5b21
bf6bc1aa9838ce82292b3f20f001742e56d80fa548942deb96e23aa2c361e930
c0d4d43beca81165da6ee70be7990118601aa20d1e1d27a55b6ce2b75f160fb6
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c29450aa7faa8c3b95856e063381b57cdb15e600bd9330a30ef455231e6dcb75
c3250dddede58f7f19d690ea9b8dc8285a4ee533d29cfaa5bfe5bcb833f61501
c56617b3dabcfa00d7b20aa2b2e76ff3f4483fb67abb4bdcef754d617617d537
c7cdcc5b203caedbdc44a7eefab7dbabc65b31f242eb4f9ebfd0cb873c5e2f1a
cd0a79c9f6fe230a03c556ab5f3f0ff8b1c7fcac00f498e03bfa1e8c12864cbd
ceaccd3394b874684aeb2eb2642b9d244638121c9279cf45ca61b16b0d879b9f
cefaa2122b5241fdfe02a820ab07fdad41335a9b216369173a9c7ea845f0b4aa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1de19641ab7735cfc5a743ffe50f62b10f77765e24ade9c5ddf1cbdb336b184
d2535815833746fe6683a50cac72e5025b099db7b21e6a5b3896e01973c91050
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d2e14cb9b8fdd6c0d0385c77700342ebabc3f7e225aacc024cbf060154836a4c
d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8
d56179d996f7bb8ce94673c80d3ab5169ee72f353d964e07f29fac5a1178f336
d68b8ce9f72f1dc6328c565cea5a982794b16107d14c1b0c74c98e9379d64788
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d87a8b154b35ddff22ef7aba504fea8d1d60e95066656cc98ecdf539c1a49756
d89fcffc0f013b852144e04aa7a737bb546d07b34e548d8a4921ab04df726082
d99e718cab8c6b8660c2c9fa7d850dc5db3032d3e047677cbb199e11d522015c
dc23f0b941f100ab048b7ad426f8f0a3baa64f0214128f35c215eec65d79eb44
de1e4de280b6c5a994c5cf6cd5e9dc27d1007a773610b658fb28abcbe446aa4b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd
e02e931e3b33dfd8c740ea8d855acdd7dfde5548cfb19d55cee884fca43b37df
e1482b4682d8c319e429299882caefb8e5a1ef1f920e5d6ba94f37e1c018c1e0
e209665ef10fbcc77c20dd867a90137fb6b9bc60c329902c4965a54d2e0991e2
e2f603f1c3d380a4e66add278127064b269dcf63c203aea18eb166d3e54113bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e72be61571fe24e0eef51adb808234b76361bfb018ed9df2eab59c5b62a8fcaa
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042
e768231b174c1dd7aa4f41f1a3036cabd6c487b7e62620807688c5b6d2446636
e7a55fcb0644fa21a25cb41dc6e9075f791b1137338ded288f45e844311eb095
e7e696f3b5ef25c97cde87bfbe910d446dc98e85192c814c4c3a540d1ac857ed
e94d05953e24fb7bb0feb46cd12039076bf8b019b7419115626873f79e5916c8
ea3beb3b729fa441bfe32c9025cb5b80981c4df45cdc63ba6d77879e07d0c230
eafb5df512cff880735757c1c4d594641b197a4c0d494a47652f09d3f8cfbe01
eccc6af2db59bf74846d50df7b7c61dcfe9f3ddc527a8d7717fd9aed5e8dbcd7
ee0a6f4c9dfcfec0fce1e8af5b5308253ef370a04ac365f2dc5856855af4ecde
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02ec72066c988a60898d46ae83e2679cffa7f8443454998c2c3ab46de936992
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f1bbda49198174d51c9d45ae321aa5006bc9a5b938f107785e1e9491a91ce6ef
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f3c78e4497069dc954a923782a5ea9735de4d4690360b79b899b2b84025b011a
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f76b73ee055dea437af2f74b2cb2e61d98c7251c4da10782ddc3014e62f06f86
f8c4c984b473b0af9395926bec3bc5124d43c9d29e9be278f3d2688a723c375d
f8eb721a2779fdba01e356f6447fa47531d38f642142826a7605da4c89cd04c6
f9a0ae88e503e365d9fef257a5a227aba56325ed3b9aee5cfe4f14837cb1554e
fdf59bdbecdce192c2cc203d4746a7e71013f50e41c3895a4347dca36af26b57
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1954848478f652afd2a8e780863b412d7c7b58307ae9d37b380f257ee4eddf
ffbc653c9f8786b0a39fc63ef00a9a247315687267478843439f079fb87d4c7e

www.thenewstribune.com Open in urlscan Pro 184.24.0.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

367 Requests

79 %HTTPS

37 %IPv6

57 Domains

93 Subdomains

84 IPs

10 Countries

8539 kBTransfer

19151 kBSize

32 Cookies

44 Outgoing links

Page URL History

Redirected requests

367 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thenewstribune.com Open in urlscan Pro
184.24.0.132 Public Scan

Screenshot
Live screenshot

Full Image

367
Requests

79 %
HTTPS

37 %
IPv6

57
Domains

93
Subdomains

84
IPs

10
Countries

8539 kB
Transfer

19151 kB
Size

32
Cookies

367 HTTP transactions
6 data transactions