www.thenewstribune.com Open in urlscan Pro
23.41.180.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://appllnc.robinhood-account.alsoekr.com/
Effective URL:
https://www.thenewstribune.com/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On April 05 via api (April 5th 2024, 12:58:23 am UTC) from IT — Scanned from IT

Summary HTTP 222 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 48 IPs in 5 countries across 37 domains to perform 222 HTTP transactions. The main IP is 23.41.180.11, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.thenewstribune.com. The Cisco Umbrella rank of the primary domain is 340602.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 30th 2024. Valid for: 7 months.

This is the only time www.thenewstribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	89.117.146.210 89.117.146.210	40021 (NL-811-40021) (NL-811-40021)
1 1	166.108.36.245 166.108.36.245	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
54	23.41.180.11 23.41.180.11	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
1	52.216.57.89 52.216.57.89	16509 (AMAZON-02) (AMAZON-02)
4	104.126.37.152 104.126.37.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	18.245.31.100 18.245.31.100	16509 (AMAZON-02) (AMAZON-02)
1	34.111.134.78 34.111.134.78	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
3	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.31.78 18.245.31.78	16509 (AMAZON-02) (AMAZON-02)
8	35.161.181.150 35.161.181.150	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.27 18.66.112.27	16509 (AMAZON-02) (AMAZON-02)
8	52.35.48.138 52.35.48.138	16509 (AMAZON-02) (AMAZON-02)
18	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
2	65.9.95.111 65.9.95.111	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	54.166.51.141 54.166.51.141	14618 (AMAZON-AES) (AMAZON-AES)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	65.9.95.52 65.9.95.52	16509 (AMAZON-02) (AMAZON-02)
4	3.73.232.59 3.73.232.59	16509 (AMAZON-02) (AMAZON-02)
1 2	52.213.253.4 52.213.253.4	16509 (AMAZON-02) (AMAZON-02)
1	91.228.74.159 91.228.74.159	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
2	34.160.169.226 34.160.169.226	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
2	104.18.33.216 104.18.33.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.102.15 18.66.102.15	16509 (AMAZON-02) (AMAZON-02)
2	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE)
2	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
2	13.32.27.47 13.32.27.47	16509 (AMAZON-02) (AMAZON-02)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
5	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.150.11 3.160.150.11	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.122 13.32.27.122	16509 (AMAZON-02) (AMAZON-02)
1	65.9.94.57 65.9.94.57	16509 (AMAZON-02) (AMAZON-02)
2	65.9.95.107 65.9.95.107	16509 (AMAZON-02) (AMAZON-02)
1	208.89.15.170 208.89.15.170	11054 (LIVEPERSON) (LIVEPERSON)
1	65.9.95.9 65.9.95.9	16509 (AMAZON-02) (AMAZON-02)
1	65.9.94.19 65.9.94.19	16509 (AMAZON-02) (AMAZON-02)
1	54.231.229.201 54.231.229.201	16509 (AMAZON-02) (AMAZON-02)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
1	3.239.232.237 3.239.232.237	14618 (AMAZON-AES) (AMAZON-AES)
222	48

1 89.117.146.210 (United States) 1 redirects

ASN40021 (NL-811-40021, US)
PTR: vmi1717887.contaboserver.net

appllnc.robinhood-account.alsoekr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 166.108.36.245 (Sacramento, United States) 1 redirects

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet831.ejoco.com

thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 23.41.180.11 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-180-11.deploy.static.akamaitechnologies.com

www.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theolympian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-wires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-partners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.57.89 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

mcclatchy-next-apps-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.126.37.152 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-152.deploy.static.akamaitechnologies.com

api.dsp.mcclatchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.31.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-100.fra56.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.134.78 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.134.111.34.bc.googleusercontent.com

flowerstreatment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.146.152 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-78.fra56.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.161.181.150 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-181-150.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-27.fra56.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.35.48.138 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-48-138.us-west-2.compute.amazonaws.com

profile-api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-111.prg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.166.51.141 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-51-141.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.95.52 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-52.prg50.r.cloudfront.net

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.73.232.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-232-59.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.253.4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-253-4.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.159 (United Kingdom)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.169.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.169.160.34.bc.googleusercontent.com

scissorsstatement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.216 (None, )

ASN13335 (CLOUDFLARENET, US)

sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-15.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-47.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-11.fra60.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-122.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-57.prg50.r.cloudfront.net

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-107.prg50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.89.15.170 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.idp.liveperson.net

va.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-9.prg50.r.cloudfront.net

edition.pagesuite-professional.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-19.prg50.r.cloudfront.net

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.229.201 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.239.232.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-237.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	thenewstribune.com 1 redirects thenewstribune.com — Cisco Umbrella Rank: 319597 www.thenewstribune.com — Cisco Umbrella Rank: 340602	883 KB
34	amplitude.com api2.amplitude.com — Cisco Umbrella Rank: 1235 profile-api.amplitude.com — Cisco Umbrella Rank: 49617 api.lab.amplitude.com — Cisco Umbrella Rank: 4517	7 KB
7	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3701 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4055	287 KB
6	gstatic.com fonts.gstatic.com	243 KB
5	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3828 va.idp.liveperson.net — Cisco Umbrella Rank: 9163 va.v.liveperson.net — Cisco Umbrella Rank: 4135	132 KB
5	connatix.com cd.connatix.com — Cisco Umbrella Rank: 3452 img.connatix.com — Cisco Umbrella Rank: 4563 cds.connatix.com — Cisco Umbrella Rank: 3596	625 KB
5	osano.com cmp.osano.com — Cisco Umbrella Rank: 5222	81 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2864 launchpad.privacymanager.io — Cisco Umbrella Rank: 2374 geo.privacymanager.io — Cisco Umbrella Rank: 1937	28 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212	168 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2903	9 KB
4	mcclatchy.com api.dsp.mcclatchy.com — Cisco Umbrella Rank: 48465	2 KB
3	keywee.co 1 redirects cdn.keywee.co — Cisco Umbrella Rank: 21885	9 KB
3	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 12297 www.i.matheranalytics.com — Cisco Umbrella Rank: 12013	43 KB
3	amazonaws.com mcclatchy-next-apps-prod.s3.amazonaws.com — Cisco Umbrella Rank: 66220 ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9131 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5704	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	3 KB
2	cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	28 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1599	122 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 7795	137 KB
2	google.it www.google.it — Cisco Umbrella Rank: 27044	515 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3274 www.google.com — Cisco Umbrella Rank: 2	322 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
2	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 3235	594 B
2	scissorsstatement.com scissorsstatement.com — Cisco Umbrella Rank: 61959	882 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	160 KB
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com — Cisco Umbrella Rank: 2585	1010 B
2	ml314.com ml314.com — Cisco Umbrella Rank: 1846	11 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 170	3 KB
2	mcclatchy-wires.com www.mcclatchy-wires.com — Cisco Umbrella Rank: 99075	73 KB
1	pagesuite-professional.co.uk edition.pagesuite-professional.co.uk — Cisco Umbrella Rank: 81438	36 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1386	1 KB
1	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 22078	9 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 708	483 B
1	mcclatchy-partners.com www.mcclatchy-partners.com — Cisco Umbrella Rank: 175324	44 KB
1	theolympian.com www.theolympian.com — Cisco Umbrella Rank: 701364	58 KB
1	flowerstreatment.com flowerstreatment.com — Cisco Umbrella Rank: 62661	25 KB
1	alsoekr.com 1 redirects appllnc.robinhood-account.alsoekr.com	500 B
0	fullcontact.com Failed tags.fullcontact.com Failed
222	37

	Domain	Requested by
50	www.thenewstribune.com	www.thenewstribune.com cmp.osano.com
18	api.lab.amplitude.com	www.thenewstribune.com
8	profile-api.amplitude.com	www.thenewstribune.com
8	api2.amplitude.com	www.thenewstribune.com
6	fonts.gstatic.com	fonts.googleapis.com
5	lpcdn.lpsnmedia.net	cmp.osano.com
5	cmp.osano.com	www.thenewstribune.com cmp.osano.com
4	tags.srv.stackadapt.com	www.thenewstribune.com tags.srv.stackadapt.com
4	api.dsp.mcclatchy.com	www.thenewstribune.com
3	cdn.keywee.co	1 redirects cdn.keywee.co
3	fonts.googleapis.com	www.thenewstribune.com cmp.osano.com
2	va.v.liveperson.net	cmp.osano.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	cdn.confiant-integrations.net	cmp.osano.com
2	securepubads.g.doubleclick.net	cmp.osano.com
2	accdn.lpsnmedia.net	cmp.osano.com
2	htlbid.com	cmp.osano.com
2	www.google.it
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sdk.iad-05.braze.com	www.thenewstribune.com
2	lptag.liveperson.net	cmp.osano.com
2	scissorsstatement.com	flowerstreatment.com
2	www.googletagmanager.com	www.thenewstribune.com www.googletagmanager.com
2	secure-us.imrworldwide.com	1 redirects
2	ml314.com	www.thenewstribune.com ml314.com
2	js.matheranalytics.com	1 redirects www.thenewstribune.com
2	sb.scorecardresearch.com	www.thenewstribune.com
2	cds.connatix.com	cd.connatix.com cds.connatix.com
2	www.mcclatchy-wires.com	www.thenewstribune.com
2	img.connatix.com	www.thenewstribune.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	ams-pageview-public.s3.amazonaws.com
1	d15kdpgjg3unno.cloudfront.net	cmp.osano.com
1	edition.pagesuite-professional.co.uk
1	va.idp.liveperson.net	cmp.osano.com
1	dyv1bugovvq1g.cloudfront.net	htlbid.com
1	launchpad.privacymanager.io	cmp.osano.com
1	launchpad-wrapper.privacymanager.io	cmp.osano.com
1	www.google.com
1	region1.analytics.google.com	www.googletagmanager.com
1	rules.quantcount.com	edge.quantserve.com
1	edge.quantserve.com	www.thenewstribune.com
1	www.i.matheranalytics.com	www.thenewstribune.com
1	static.adsafeprotected.com	www.thenewstribune.com
1	www.mcclatchy-partners.com	www.thenewstribune.com
1	www.theolympian.com	www.thenewstribune.com
1	cd.connatix.com	www.thenewstribune.com
1	flowerstreatment.com	cmp.osano.com
1	mcclatchy-next-apps-prod.s3.amazonaws.com	www.thenewstribune.com
1	thenewstribune.com	1 redirects
1	appllnc.robinhood-account.alsoekr.com	1 redirects
0	tags.fullcontact.com Failed	www.thenewstribune.com
222	53

This site contains links to these domains. Also see Links.

Domain
account.thenewstribune.com
subscribe.thenewstribune.com
liveedition.thenewstribune.com
www.legacy.com
myaccount.thenewstribune.com
thenewstribune.newspapers.com
go.mcclatchy.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
tribnet.obituaries.com
placeclassifieds.mcclatchy.com
classifieds.mcclatchy.com
placecelebration.mcclatchy.com
jobs.thenewstribune.com
business.mcclatchy.com
hiring.mcclatchy.com
www.winwithmcclatchy.com
thenewstribune.com
www.mcclatchy.com
privacy-central.securiti.ai
mycheckout.thenewstribune.com

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-30` - `2024-09-03`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
orchestration.mcclatchy.com R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
flowerstreatment.com R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
connatix.com GTS CA 1P5	`2024-03-01` - `2024-05-30`	3 months	crt.sh
img.connatix.com GTS CA 1P5	`2024-04-04` - `2024-07-03`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-29` - `2024-12-30`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
www.i.matheranalytics.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
quantserve.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
scissorsstatement.com R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-11-27`	a year	crt.sh
sdk.iad-05.braze.com E1	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.anyword.com Amazon RSA 2048 M01	`2023-06-05` - `2024-07-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.it GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.idp.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2024-02-26` - `2025-02-25`	a year	crt.sh
edition.pagesuite.com Amazon RSA 2048 M03	`2023-08-17` - `2024-09-13`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-10-31` - `2024-10-30`	a year	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2024-01-18` - `2024-12-28`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.thenewstribune.com/
Frame ID: E2E867EBCAA894622B36DBE4AE8FBE2C
Requests: 160 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Frame ID: 7F683D3AFA56BCD564933F76DA78A891
Requests: 3 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 1DE48B3CF8EDEFA4DA1D7881643D1B01
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/3e694726-3ef3-4597-adeb-afbee7023c48
Frame ID: 602BBF8640E0A7960EFFF099BCC9A76D
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/adfd5146-3d3f-49c8-a1be-d49957f99686
Frame ID: 9786E779F546E9E73B92B5877CEBC6A7
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/b773e49d-87d0-4904-80c4-cf9557c24593
Frame ID: DE7ED641BAB2B4FFA73F90974DB134EC
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/aadbfc6d-3026-4d22-85f9-383a5a7e93b3
Frame ID: 8319F974DB2C445284F942D7D87473C3
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/7ce930d4-f2d9-4aa1-bfd6-ee60cc7d6091
Frame ID: C9572DB26CEA364FDEE01EC14C35EAF6
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/d16df9ca-0b44-4665-ae0f-67b4f911cf12
Frame ID: D433B0BDA99AA32FFFA5357E2493BDCE
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/1c09c729-5ca2-44c9-9473-936f5566569c
Frame ID: 7E6896415F3D323A99E351E935F5E604
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/a258805d-5559-46dc-92ee-15de88cf1cd6
Frame ID: 53E24271343ACEC22C6E7CB7AEF40C46
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/db414497-fad8-436b-97c4-c07e9f94a7cc
Frame ID: 9FE2909E6EEF376BB1BC4F8ABD0B9713
Requests: 11 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.0-release_1222449294/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: A3F4FFF742CAEFE6E6ED277801BF30F0
Requests: 1 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1712278698693&loc=https%3A%2F%2Fwww.thenewstribune.com
Frame ID: B9AE0AB7707C67ACFE995C4F9B64C9E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tacoma WA Breaking News, Crime & More | Tacoma News Tribune

Page URL History Show full URLs

http://appllnc.robinhood-account.alsoekr.com/ HTTP 307
https://appllnc.robinhood-account.alsoekr.com/ HTTP 307
https://thenewstribune.com/ HTTP 301
https://www.thenewstribune.com/ Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

222
Requests

75 %
HTTPS

0 %
IPv6

37
Domains

53
Subdomains

48
IPs

5
Countries

3252 kB
Transfer

8511 kB
Size

11
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://account.thenewstribune.com/auth0
Title: Log In

Search URL Search Domain Scan URL

URL: https://subscribe.thenewstribune.com/beinformed
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://liveedition.thenewstribune.com/
Title: Tacoma Now

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/tribnet/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://myaccount.thenewstribune.com/tac_nt/home
Title: Account Management

Search URL Search Domain Scan URL

URL: https://thenewstribune.newspapers.com/
Title: Archives

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tacoma/p/1/
Title: Contact McClatchy Advertising

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tacomanewstribune
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/thenewstribune
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thenewstribune/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TacomaNewsTribune
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/tribnet/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://tribnet.obituaries.com/
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://placeclassifieds.mcclatchy.com/classifieds/tacoma/index.html
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://placeclassifieds.mcclatchy.com/classifieds/tacoma/flow.html?action=jump&_flowId=adportal-classified-flow&categoryName=Recruitment&classificationName=Employment
Title: Post a Job

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/tacoma
Title: Browse Classifieds

Search URL Search Domain Scan URL

URL: https://placecelebration.mcclatchy.com/celebrations/tacoma/index.html
Title: Place an Ad - Celebrations

Search URL Search Domain Scan URL

URL: https://jobs.thenewstribune.com/
Title: Search Jobs

Search URL Search Domain Scan URL

URL: https://business.mcclatchy.com/tacoma
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://hiring.mcclatchy.com/recruitmentproducts
Title: Staffing Solutions

Search URL Search Domain Scan URL

URL: https://www.winwithmcclatchy.com/political-advocacy
Title: Political | Advocacy Advertising

Search URL Search Domain Scan URL

URL: https://thenewstribune.com/mobile
Title: Tacoma News Tribune App

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/TacomaNewsTribune

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-news-tribune
Title: About Us

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tacoma/p/1
Title: McClatchy Advertising

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy-central.securiti.ai/#/dsr-universal/0a979fab-900d-4113-aab0-e2bf786400ac
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://mycheckout.thenewstribune.com/subscribe?ofrgp_id=428&g2i_or_o=OnSite&g2i_or_p=Atribit2&cid=modal_homepage_1-1mo-15.99-attribits-lightbox_202311
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://appllnc.robinhood-account.alsoekr.com/ HTTP 307
https://appllnc.robinhood-account.alsoekr.com/ HTTP 307
https://thenewstribune.com/ HTTP 301
https://www.thenewstribune.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://js.matheranalytics.com/s/ma12095/74930801/all/ml.js?cb=1652 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js

Request Chain 125

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

Request Chain 127

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/&rp=&ts=compact&rnd=1712278697342 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/&rp=&ts=compact&rnd=1712278697342&ja=1

222 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thenewstribune.com/
Redirect Chain

http://appllnc.robinhood-account.alsoekr.com/
https://appllnc.robinhood-account.alsoekr.com/
https://thenewstribune.com/
https://www.thenewstribune.com/

188 KB
22 KB

382ms
49ms

Document
text/html

23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 799661126c924c8819eb17ce1da3dc6855bb66060813f2258745b9a98e681b30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 21108
content-type: text/html;charset=utf-8
date: Fri, 05 Apr 2024 00:58:16 GMT
etag: W/"2ed79-acAW/VMNAhbvM0E05co0jjxfxco"
expires: Fri, 05 Apr 2024 00:58:16 GMT
last-modified: Fri, 05 Apr 2024 00:54:07 GMT
mi-api: WPS
mi-cache: HIT
mi-cache-age: 77
pragma: no-cache
server: MI
server-timing: ak_p; desc="1712278696260_390277156_465669022_1273_9744_9_37_255";dur=1
surrogate-control: varnish=ESI/2.1
vary: Accept-Encoding
x-akamai-transformed: 9 20911 0 pmb=mTOE,4
x-cachebust
x-mi-in-market: 0
x-proxy-forwarding-type: BlackList
x-varnish: 415498302, 985700434 957823599

Redirect headers

Connection: Keep-Alive
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 05 Apr 2024 00:58:15 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.thenewstribune.com/
Server: Apache

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 101ms
36ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100..900;1,100..900&family=Noto+Serif:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

5e33790c4c6d5893103a96a4feb3b597173a66b1d9b3a9051071f9e1d5d4487d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 00:55:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 00:58:16 GMT

GET
H2 200 mi-styles.cb4bf55bf75ceb107a37.css
www.thenewstribune.com/wps/build/webpack/css/ 225 KB
47 KB 86ms
85ms Stylesheet
text/css 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.cb4bf55bf75ceb107a37.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dc1cc055cf32d9bde0aaa40010601df5967d4fdfc783c3a08c1b55735ad9d3ab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1712278696390_390277156_465669132_4028_10392_9_0_255";dur=1
content-length: 48120
last-modified: Thu, 28 Mar 2024 05:16:52 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"38380-18e837d51a0"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 259462600, 164147220
content-type: text/css;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=485336
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 thenewstribunecore.js Show response
www.thenewstribune.com/yoibns-zol/ 129 KB
38 KB 103ms
103ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 83edd69e4ee72c08daf61f8c71942aa328234e3c504c4a56a7f681288dc2e081

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 51
x-cachebust
server-timing: ak_p; desc="1712278696379_390277156_465669133_3717_9629_9_0_219";dur=1
content-length: 38387
last-modified: Thu, 04 Apr 2024 11:28:33 GMT
server: MI
etag: W/"204c0-61543a3a8ba40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 899088602 881399930
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=180
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H/1.1 200
OK style.css
mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/ 272 B
665 B 375ms
135ms Stylesheet
text/css 52.216.57.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/style.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.57.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 00:58:17 GMT
Last-Modified: Wed, 10 May 2023 23:40:01 GMT
Server: AmazonS3
x-amz-request-id: 4T9HWJM6KDWQYBMM
ETag: "2d39810a5e64f8448f15544f86081077"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 272
x-amz-id-2: WESLiGBFCvHswEB1Rp6mNr5opKjB85f+/FxbXdRMdVspsXi+N2A/FIUb193/iLGPDXk66gR/LLs=

GET
H2 200 776c4db2 Show response
www.thenewstribune.com/akam/13/ 26 KB
10 KB 116ms
116ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/13/776c4db2
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a16937c0fd3fc17ce0ac92c46b48049fe0b1f90d6560a77fe3df0c636e22a17

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-cachebust
server-timing: ak_p; desc="1712278696632_390277156_465669530_8368_5289_9_0_146";dur=1
content-length: 8779
pragma: no-cache
last-modified: Thu, 22 Feb 2024 19:43:42 GMT
etag: "3d291d8272637ef342d698b12f94bbadad7a934749d2fb53872e6c4ac5006753"
stored-attribute-sha-checksum: 6a16937c0fd3fc17ce0ac92c46b48049fe0b1f90d6560a77fe3df0c636e22a17
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=21600
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Fri, 05 Apr 2024 00:58:16 GMT

GET
H2 200 mastheadPage.bundle-ba4514999c5083eeacf2.js Show response
www.thenewstribune.com/wps/build/webpack/ 187 KB
61 KB 115ms
115ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mastheadPage.bundle-ba4514999c5083eeacf2.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9f44fcd9f7831bb71d00b90300ae65e4d70d966bafb4ca37fc5be5df0d40e1e0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 33
x-cachebust
server-timing: ak_p; desc="1712278696379_390277156_465669134_3177_9458_9_0_219";dur=1
content-length: 61705
last-modified: Thu, 04 Apr 2024 06:43:04 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2eca0-18ea7d8c0c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 405975465, 630839982 636965514
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=547575
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videoLoader.bundle-d8869227b1d56f53d0b5.js Show response
www.thenewstribune.com/wps/build/webpack/ 283 KB
87 KB 40ms
40ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/videoLoader.bundle-d8869227b1d56f53d0b5.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 628c6c3bdd7c2f5ea63e49790c25eaa4c9f9ad9ae8ba810cd82858f456489064

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 758
x-cachebust
server-timing: ak_p; desc="1712278696745_390277156_465669750_45_12867_9_0_146";dur=1
content-length: 88755
last-modified: Thu, 04 Apr 2024 06:43:38 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"46ad0-18ea7d94590"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 439678172, 70380634 97031968
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=548217
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 204 graphql
api.dsp.mcclatchy.com/ Frame 0
0 609ms
406ms Preflight 104.126.37.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-mcc-identity, x-mcc-session
access-control-allow-methods: GET, PATCH, POST, PUT
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
date: Fri, 05 Apr 2024 00:58:17 GMT
expires: Fri, 05 Apr 2024 00:58:17 GMT
pragma: no-cache
server-timing: ak_p; desc="1712278696604_1753097620_77608345_36364_12511_9_97_219";dur=1
strict-transport-security: max-age=63072000
vary: Origin

POST
H2 200 graphql Show response
api.dsp.mcclatchy.com/ 66 B
887 B 174ms
174ms Fetch
application/json 104.126.37.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

f60413dd2940de49e26d7c52c0b49339c08cf94393b5d6930e7817cd829703ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=63072000
date: Fri, 05 Apr 2024 00:58:17 GMT
vary: Origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=11, ak_p; desc="1712278697122_1753097620_77609421_13879_9399_9_0_219";dur=1
content-length: 66
expires: Fri, 05 Apr 2024 00:58:17 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ 168 KB
46 KB 111ms
37ms Script
application/javascript 18.245.31.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-100.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

c268f00342a0c6d07503dd18773ae81fe60375f91387d1e5803c5407adccd2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 19:52:33 GMT
content-encoding: br
via: 1.1 83f37b03194be210134265ef78592588.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
age: 18343
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46760
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Apr 2024 19:15:41 GMT
server: CloudFront
etag: "9ef572b275b37379ed5c6c5f7263b217"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: G-dJH4nqGrysmPRmKZqVQSPXeMEmAgQHcDygFYAL0yndeN8gSmj2Iw==

GET
BLOB 200
OK 2f20faf1-4481-4adc-ac10-2c650b4511ab Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/2f20faf1-4481-4adc-ac10-2c650b4511ab
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 043344f14664fa74b1744cea3730d52f7ce3b72a717ff386e51773c2fca9aad8

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 22945108-336a-40e7-a879-b710c75333cf Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/22945108-336a-40e7-a879-b710c75333cf
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20eeb44faf121556f66aa5bda4c3db999a6947f165b904a91d062e95ea0f883b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 vendorBundle.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 87 KB
31 KB 38ms
38ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/vendorBundle.08bd31ff850ae0f066e6.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dd8928e3b759b487ee4418acab498c05884da2da460fb40b89e83c3fd2814c6c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 306
x-cachebust
server-timing: ak_p; desc="1712278696500_390277156_465669321_231_9648_9_0_219";dur=1
content-length: 31269
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"15d7b-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 658805733, 890801054 887101714
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560559
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 56f56fbe-9fda-45e0-bb23-a032c171c901 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/56f56fbe-9fda-45e0-bb23-a032c171c901
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a275930458e5cff6c6205cb1fbd7f1d3b0e2015032356cf230cf4f0b8e26084

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 88497388-89a4-43bf-82f8-1fd1ca4f3f8c Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/88497388-89a4-43bf-82f8-1fd1ca4f3f8c
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33be8009498ea1eef7cddac48e0d062fef76ec5a3b1a119fd58fb97be2c135b8

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 0653aed3-2477-4eb4-97a4-30d9042e3147 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0653aed3-2477-4eb4-97a4-30d9042e3147
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a092ad0deb0435dd7f254e9bfa95242c2eb8b91796f2326f02087f06248d22be

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 8b219677-6863-4eb7-b608-3c5bde1e803c Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/8b219677-6863-4eb7-b608-3c5bde1e803c
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18d0bacf49a666542b8bbb6174ed0040dabe6168a449bfa50a5737c3c5c5d4fc

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 danelei.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 83 KB
23 KB 61ms
60ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/danelei.08bd31ff850ae0f066e6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/2f20faf1-4481-4adc-ac10-2c650b4511ab
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 40590b4987c9fd9984baab57acb8a2cfc70f8ec462e58e2c90975d86c30b62c9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 304
x-cachebust
server-timing: ak_p; desc="1712278696762_390277156_465669763_346_10546_9_0_146";dur=1
content-length: 22515
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"14a47-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 656745509, 864861700 885855397
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560663
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 escenic.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 186 KB
50 KB 63ms
62ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/escenic.08bd31ff850ae0f066e6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/22945108-336a-40e7-a879-b710c75333cf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 714158968baec7f59fe13f9f42090f4e182e76a5343aebfa037953a80eb72f22

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 303
x-cachebust
server-timing: ak_p; desc="1712278696763_390277156_465669764_311_10533_9_0_146";dur=1
content-length: 50651
last-modified: Thu, 04 Apr 2024 11:28:33 GMT
server: MI
etag: W/"2e832-61543a3a8ba40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 653304896 659428007
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560588
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 netdale.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 43 KB
15 KB 66ms
65ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/netdale.08bd31ff850ae0f066e6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/56f56fbe-9fda-45e0-bb23-a032c171c901
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6f7c25f72c00756bccd05b40b0786ac035ebabd3c69b6e67f90ae02a30670e7e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 302
x-cachebust
server-timing: ak_p; desc="1712278696763_390277156_465669765_296_10897_9_0_146";dur=1
content-length: 14348
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"ab53-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 651966741, 881697702 896076059
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560625
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 zones.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 75 KB
21 KB 82ms
82ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/zones.08bd31ff850ae0f066e6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/88497388-89a4-43bf-82f8-1fd1ca4f3f8c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6962b66dc626e993060acb3bc1c2ebdc75a90ba20e4d40e94b7e4d6e4ad0c6d4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 264
x-cachebust
server-timing: ak_p; desc="1712278696773_390277156_465669766_1379_11263_9_0_146";dur=1
content-length: 20492
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"12b56-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 896468634, 663847132 660439867
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560682
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 nextCustom.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 22 KB
8 KB 68ms
67ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/nextCustom.08bd31ff850ae0f066e6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/0653aed3-2477-4eb4-97a4-30d9042e3147
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 049a8a5187a4c95f03cc01d55a6daa270be5b82a711125fdcb1732c84a006f6e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 294
x-cachebust
server-timing: ak_p; desc="1712278696763_390277156_465669767_300_10483_9_0_146";dur=1
content-length: 7500
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"56cf-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 652423489 660603628
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560639
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 woldoni.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 21 KB
7 KB 84ms
84ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/woldoni.08bd31ff850ae0f066e6.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/8b219677-6863-4eb7-b608-3c5bde1e803c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 211dccd9fc71815c1f2a3bf1936f08124aa5e05e3f454837441a55576e3623bb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 290
x-cachebust
server-timing: ak_p; desc="1712278696763_390277156_465669768_1583_10311_9_0_146";dur=1
content-length: 5836
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"5327-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 871576000, 657723785 647154763
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560649
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 89248e18-bf14-4d5b-b3c0-3d8d2be41476
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/89248e18-bf14-4d5b-b3c0-3d8d2be41476
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 modal-v3.0.2.js Show response
www.thenewstribune.com/yoibns-zol/js/ 7 KB
2 KB 55ms
55ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/js/modal-v3.0.2.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 275
x-cachebust
server-timing: ak_p; desc="1712278696689_390277156_465669642_1543_12224_9_0_219";dur=1
content-length: 2103
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"1b3d-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 104563819 105775184
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560611
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz Show response
flowerstreatment.com/ 68 KB
25 KB 100ms
40ms Script
text/javascript 34.111.134.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.134.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

78.134.111.34.bc.googleusercontent.com

Software

Resource Hash

9eeb411ec67a6843976f1f732dbd3e87c3a1eb2c74d0e34352e424913a7e3809

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: zstd
via: 1.1 google
date: Fri, 05 Apr 2024 00:58:16 GMT
x-datacenter: gce-europe-west1
etag: "4d5902113261c77c164283f1d103dfa85a1deb4611fd899b4c7279ab5ebb9908"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-ltqf
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1205290244
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 logo.svg
www.thenewstribune.com/wps/build/images/newLogos/thenewstribune/ 10 KB
5 KB 88ms
88ms Image
image/svg+xml 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/build/images/newLogos/thenewstribune/logo.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d172d3fa9e3a275a4c24dfa2f6e93f529f8ce5ac88f40cb0b221a4e8da0a0b91

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1712278696807_390277156_465669857_1022_11214_9_0_219";dur=1
content-length: 3725
last-modified: Thu, 28 Mar 2024 05:16:39 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"280d-18e837d1ed8"
mi-cache: MISS
vary: Accept-Encoding
x-varnish: 241267582, 928557121
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=486094
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 94ms
28ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100..900;1,100..900&family=Noto+Serif:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 17:14:11 GMT
x-content-type-options: nosniff
age: 287045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Apr 2025 17:14:11 GMT

GET
H3 200 connatix.player.js Show response
cd.connatix.com/ Frame 7F68 797 B
612 B 79ms
25ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127f544fea1f2f0dd61c593422b5ecdde316255c84797d594f168a41bb2d68e1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 86f596bf39e70e9d-MXP
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
42 KB 92ms
60ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100..900;1,100..900&family=Noto+Serif:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 21:05:25 GMT
x-content-type-options: nosniff
age: 273171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Apr 2025 21:05:25 GMT

GET
H2 200 01RustonParkingSignMarketFramed.jpg
www.thenewstribune.com/latest-news/n5q0n3/picture280695830/alternates/LANDSCAPE_768/ 55 KB
55 KB 39ms
38ms Image
image/jpeg 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/n5q0n3/picture280695830/alternates/LANDSCAPE_768/01RustonParkingSignMarketFramed.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b334d307a7f2e0b9d984abf570ca1db9ee9af3eba9b2fea509bb56a4ac8be0af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 33436
x-cachebust
server-timing: ak_p; desc="1712278696819_390277156_465669874_39_9718_9_0_146";dur=1
content-length: 55995
last-modified: Mon, 01 Apr 2024 21:37:05 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "cbffd377b503578390df2e7b33704ed7"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 85526291, 915079703 879247344
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=558349
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1_th.jpg
img.connatix.com/6ffa307f-76b5-4eb3-ada6-09a8e23d972b/ 147 KB
147 KB 156ms
103ms Image
image/webp 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/6ffa307f-76b5-4eb3-ada6-09a8e23d972b/1_th.jpg

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8066df3f075ae86ba09a216ad6bf71a22801537b47cb873449c66178b1f0ddc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 150592
cf-resized: internal=ok/h q=0 n=25+0 c=6+190 v=2024.3.2 l=150592
last-modified: Tue, 10 Oct 2023 21:48:14 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfqqi1043i5GSX2mmaJa_JIOeosZ7-Tzt04sSdBa-5DQ:7e63efd2f80496db3ead125ec625929b"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 86f596bf6ebe4c52-MXP
access-control-allow-headers: range

GET
H2 200 Burbank.jpg
www.theolympian.com/latest-news/ccyr9/picture287311420/alternates/LANDSCAPE_768/ 57 KB
58 KB 78ms
69ms Image
image/jpeg 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.theolympian.com/latest-news/ccyr9/picture287311420/alternates/LANDSCAPE_768/Burbank.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c3bd4503ec917616ac4669ca690025384c0236a32eab51e826855177613fc91d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 199
x-cachebust
server-timing: ak_p; desc="1712278696848_390277156_465669910_1800_10375_9_0_219";dur=1
content-length: 58575
last-modified: Tue, 02 Apr 2024 16:56:09 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "c823f87aecf7b33f04a7c85f57892cee"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 5049129, 798594480 800327265
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=403404
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fug%20comp.jpg
www.thenewstribune.com/latest-news/ndx467/picture287367225/alternates/LANDSCAPE_768/ 33 KB
33 KB 52ms
50ms Image
image/jpeg 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/ndx467/picture287367225/alternates/LANDSCAPE_768/fug%20comp.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 26244febeabcf33b48f5304d38ed2818bac8bec309ed4c64bcd57bac53bd0a87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1415
x-cachebust
server-timing: ak_p; desc="1712278696828_390277156_465669875_753_11529_9_0_219";dur=1
content-length: 33396
last-modified: Wed, 03 Apr 2024 23:45:25 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "da1493a9a65a2488e02011d345a3b396"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 881531272, 75992791 44856303
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=516321
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Buddys_Lincoln2.jpg
www.thenewstribune.com/latest-news/9nik1d/picture287319935/alternates/LANDSCAPE_768/ 42 KB
43 KB 37ms
36ms Image
image/jpeg 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/9nik1d/picture287319935/alternates/LANDSCAPE_768/Buddys_Lincoln2.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7150e070ea9cffde2556688ca1519d10614a360002cc314e2cf2805e1616bcb7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2519
x-cachebust
server-timing: ak_p; desc="1712278696819_390277156_465669876_37_9646_9_0_146";dur=1
content-length: 43109
last-modified: Tue, 02 Apr 2024 19:51:20 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "9148dd5e18d115c12e5a1fac2968a9a8"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 583551947 601260699
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=492686
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 dog%20bite.jpg
www.thenewstribune.com/latest-news/hpxaxi/picture287294095/alternates/LANDSCAPE_768/ 29 KB
30 KB 45ms
44ms Image
image/jpeg 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/hpxaxi/picture287294095/alternates/LANDSCAPE_768/dog%20bite.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0f0bd416de7f6d50df9475de213d4f302fa4a511bbb92ea65648ad0201eca29e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 178
x-cachebust
server-timing: ak_p; desc="1712278696819_390277156_465669877_37_9545_9_0_146";dur=1
content-length: 29867
last-modified: Mon, 01 Apr 2024 22:58:36 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "3dee99b6c6ffe405f1d290a370f69c09"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 579413401 576927900
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=472047
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1_th.jpg
img.connatix.com/c1988509-4f6c-4d74-87f6-fc29d289dd68/ 312 KB
313 KB 92ms
39ms Image
image/webp 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/c1988509-4f6c-4d74-87f6-fc29d289dd68/1_th.jpg

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93462df8fa31117c8fba86ca7468f54dd696d93ee8594ee0ea27c8bb608dcdea

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 319456
cf-resized: internal=ok/h q=0 n=24+0 c=9+300 v=2024.3.2 l=319456
last-modified: Fri, 25 Aug 2023 21:53:57 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf5sVhe2ePZBj29kTJwfJTDgcZsZ7-Tzt04sSdBa-5DQ:589bebdde3be9f348c78989b9dc54b86"
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 86f596bf6ebd4c52-MXP
access-control-allow-headers: range

GET
H2 200 5f990611-1cf7-4cf6-96cf-c41f16c39b7a
www.mcclatchy-wires.com/incoming/3a0i6k/picture287406170/alternates/LANDSCAPE_768/ 53 KB
53 KB 78ms
70ms Image
image/jpeg 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/3a0i6k/picture287406170/alternates/LANDSCAPE_768/5f990611-1cf7-4cf6-96cf-c41f16c39b7a
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b7113fcc4a625bdfc2442cdef2f9b098529638f0b27a067f5dde9b0068c2fe19

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 367
x-cachebust
server-timing: ak_p; desc="1712278696847_390277156_465669929_772_13060_9_0_146";dur=1
content-length: 53816
last-modified: Fri, 05 Apr 2024 00:49:45 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "07ff2175d22e9f9dda8beec72bee4e82"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1001554380, 725584141 726468638
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604729
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 d5ff9646-2886-4fb1-b570-ae3c296a484f
www.mcclatchy-wires.com/incoming/wjsrwd/picture287405350/alternates/LANDSCAPE_768/ 20 KB
20 KB 56ms
49ms Image
image/jpeg 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/wjsrwd/picture287405350/alternates/LANDSCAPE_768/d5ff9646-2886-4fb1-b570-ae3c296a484f
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 70cd7241d20f03e97a6fd7df65d56f5bd1ba507c2f3862ebaf3249f7206e3ecc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 88
x-cachebust
server-timing: ak_p; desc="1712278696833_390277156_465669911_157_9894_9_0_146";dur=1
content-length: 20004
last-modified: Fri, 05 Apr 2024 00:06:08 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "0d454382ed155acf07bef5e7c08370b5"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 997523968 993560423
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=601841
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 a7d826d0-cf37-427b-bf19-2992e4a9fb1_fitted%20(1).jpeg
www.mcclatchy-partners.com/incoming/udb1vc/picture287268415/alternates/LANDSCAPE_768/ 43 KB
44 KB 305ms
36ms Image
image/jpeg 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-partners.com/incoming/udb1vc/picture287268415/alternates/LANDSCAPE_768/a7d826d0-cf37-427b-bf19-2992e4a9fb1_fitted%20(1).jpeg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 900bc17f4833e66506b5c6eb81b411b978b7e3bebab10640beda1eda7088f9db

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 307
x-cachebust
server-timing: ak_p; desc="1712278697087_390277156_465670336_33_10886_9_0_146";dur=1
content-length: 44374
last-modified: Mon, 01 Apr 2024 12:34:08 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "6f27a30c2c795c97b83ac435023e1e1d"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 334216665 344231488
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=303558
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 01CampSeymourKS.jpg
www.thenewstribune.com/latest-news/5x40la/picture287076740/alternates/LANDSCAPE_768/ 45 KB
45 KB 53ms
53ms Image
image/jpeg 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/5x40la/picture287076740/alternates/LANDSCAPE_768/01CampSeymourKS.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2ccf343e4aa7ece32c7e17999731f2e6e85052070c300f11218700365bc1c75a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 311
x-cachebust
server-timing: ak_p; desc="1712278696833_390277156_465669909_170_9653_9_0_146";dur=1
content-length: 45711
last-modified: Mon, 25 Mar 2024 19:12:47 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "1a8325e074ce23d742d091d992f4f2dc"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 684526728 687704942
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=407157
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 /
cmp.osano.com/ Frame 1DE4 0
0 80ms
27ms Document
text/html 18.245.31.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-78.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: it-IT,it;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 854
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Fri, 05 Apr 2024 00:44:03 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id: bBS_pEKccD4-1XEA_3mcSLWYQJqn-eYeuxV-3NQx4DLWjQ0FYmZ2Tg==
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 it.json
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ Frame 0
0 422ms
394ms Preflight 18.245.31.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/it.json

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-100.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 05 Apr 2024 00:58:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-cf-id: W4yjyg4tidZCx1uAt1YWOQJXQZe6mI0CecExRnHoOWTsXwQWUnoK9w==
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ 101 KB
25 KB 30ms
30ms Script
application/javascript 18.245.31.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-100.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1c75500024a3c8c767aafcfe7f9855172d55a13fb1abcb1c05d3995be3d49e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 19:16:07 GMT
x-amz-version-id: Fcch9xgaoaiMgFlOxNzNCFsAIpuSbC7W
content-encoding: br
x-content-type-options: nosniff
via: 1.1 83f37b03194be210134265ef78592588.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
age: 20530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Apr 2024 19:15:37 GMT
server: AmazonS3
etag: W/"ff8096ae05cd6a95a5fe55d5a39057f7"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: cNSVMda3YafqXVmWYgOaBZPBBkkSPCth-bFnZNXf0rpcY7BeQV2zaA==

GET
H3 200 it.json Show response
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ 31 KB
10 KB 28ms
28ms XHR
application/json 18.245.31.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/it.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-100.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9038c228c1cf1d0662eef64a02510d249efa1c80968c95e98212884feccaccda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Thu, 04 Apr 2024 19:16:53 GMT
x-content-type-options: nosniff
x-amz-version-id: tzcs.035ju_N9AupH4YIL0Sf1W2n_fxE
content-encoding: br
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
age: 20485
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Apr 2024 19:15:37 GMT
server: AmazonS3
etag: W/"fc1f25e151ebc36469a687fa39975748"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, no-transform, public
vary: Accept-Encoding
x-amz-cf-id: ejZatb5Cuov0OAL6e4H7BoOtkLDMLM8r6ifPXeBPqlSW_WJuE85vpg==

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 303ee4eb-798b-4ffb-9c0e-a8e4cf6858d9 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/303ee4eb-798b-4ffb-9c0e-a8e4cf6858d9
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c64d35bedcee579a5de631e49efcefd908e944a3fc0e937eccb21cdea40f1240

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK b348dae9-21bb-441e-91eb-44922c80c5d8 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b348dae9-21bb-441e-91eb-44922c80c5d8
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a546948ca66cfdbf989020aa7d713223aea1af40f4f4d1ae93aa519e951e55da

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK db4eedf3-8c33-4c6c-aeaf-f33c1c51456d
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/db4eedf3-8c33-4c6c-aeaf-f33c1c51456d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

OPTIONS
H2 204 graphql
api.dsp.mcclatchy.com/ Frame 0
0 140ms
140ms Preflight 104.126.37.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-mcc-identity, x-mcc-session
access-control-allow-methods: GET, PATCH, POST, PUT
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
date: Fri, 05 Apr 2024 00:58:16 GMT
expires: Fri, 05 Apr 2024 00:58:16 GMT
pragma: no-cache
server-timing: ak_p; desc="1712278696881_1753097620_77608830_10226_11103_9_0_219";dur=1
strict-transport-security: max-age=63072000
vary: Origin

GET
H2 200 suggestedContent.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 15 KB
5 KB 47ms
46ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/suggestedContent.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9a4a7896a5b785917bbebe663b9317d7fc4a60a71fbffe55146aa0a313699d97

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 240
x-cachebust
server-timing: ak_p; desc="1712278696879_390277156_465669990_1057_10467_9_0_146";dur=1
content-length: 4878
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"3b4f-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 662962194 656745565
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560587
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 domkut.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 7 KB
3 KB 47ms
47ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/domkut.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4010c084980bf15e2821a537049b206d9d3dc48a5f2805eebff3a9118c55861c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 300
x-cachebust
server-timing: ak_p; desc="1712278696889_390277156_465670005_115_9900_9_0_146";dur=1
content-length: 2362
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"1b30-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 640376350, 896043397 896500854
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560636
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H2 200 graphql Show response
api.dsp.mcclatchy.com/ 125 B
947 B 168ms
166ms Fetch
application/json 104.126.37.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

a084cb4687796fe0d8a337abc919d941c9d9b15841988064d984129078b3a548

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=63072000
date: Fri, 05 Apr 2024 00:58:17 GMT
vary: Origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=18, ak_p; desc="1712278697031_1753097620_77609214_11366_10841_9_0_219";dur=1
content-length: 125
expires: Fri, 05 Apr 2024 00:58:17 GMT

GET
BLOB 200
OK f15719d4-3d18-4d76-883a-6b9a83895a50 Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/f15719d4-3d18-4d76-883a-6b9a83895a50
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcb050bac407e09068a654b181d8300c257158f0605c818ab9958985cb652c03

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 7a5af16c-8a96-41da-9783-2f616347d444 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/7a5af16c-8a96-41da-9783-2f616347d444
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65e742611f97345f5613686cc9a6380710bdd29088fe42937639b4b2d40057a4

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 51bdcf45-174c-429d-a9be-4d9bd7739ce5 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/51bdcf45-174c-429d-a9be-4d9bd7739ce5
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e7c56225761cba484a505c07320d2814dce443e9c0d77b8dd3f89318d3c9512

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 videoLoader.bundle-d8869227b1d56f53d0b5.js Show response
www.thenewstribune.com/wps/build/webpack/ 283 KB
87 KB 38ms
38ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/videoLoader.bundle-d8869227b1d56f53d0b5.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 628c6c3bdd7c2f5ea63e49790c25eaa4c9f9ad9ae8ba810cd82858f456489064

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 758
x-cachebust
server-timing: ak_p; desc="1712278696949_390277156_465670109_33_10191_9_0_146";dur=1
content-length: 88755
last-modified: Thu, 04 Apr 2024 06:43:38 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"46ad0-18ea7d94590"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 439678172, 70380634 97031968
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=548217
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 cnx.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 6 KB
2 KB 58ms
58ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/cnx.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c884197b78f7eaa1658d79d3788b3e0f604b2a31cfac8e48a1408b722e2a87a0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 300
x-cachebust
server-timing: ak_p; desc="1712278696964_390277156_465670142_1170_10535_9_0_146";dur=1
content-length: 1890
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"1682-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 90394257, 912984990 917930331
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560604
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 218ms
218ms Fetch
application/json 35.161.181.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/escenic.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.181.150 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-181-150.us-west-2.compute.amazonaws.com

Software

Resource Hash

9df45bca75f40361bb4237ecadba9cea31e342d6257b9a2c5909dc3eecd3b5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-660f4ca9-51340cf406dcde00679daa76
content-length: 94

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 577ms
189ms Preflight 35.161.181.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.181.150 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-181-150.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=15768000

GET
H3 200 elLoader.js Show response
cds.connatix.com/p/461608/ Frame 7F68 3 KB
2 KB 44ms
27ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/461608/elLoader.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0ba3e329b42ad936e98375c23a70c763bc8a9baedce516500f22c38a13c9bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
x-amz-version-id: Hquf01orUdDUbg4ufBV84x95htl9qSt_
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Apr 2024 12:30:14 GMT
server: cloudflare
etag: W/"408fa0c0683e8da338e2313d12dd44e8"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 86f596c01a970e9d-MXP
access-control-allow-headers: range
expires: Sat, 05 Apr 2025 00:58:16 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
483 B 109ms
26ms Image
image/gif 18.66.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_400989
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 20:21:19 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 189418
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: kblEoX7KTzm5tGojTrAjU8ADVG_s7MjdAGTbGTjEpISUPuzv9FGKFA==

GET
H2 200 sponsored.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 5 KB
2 KB 56ms
55ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/sponsored.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aef12165837b623d13889120b8b3435f600065385fb4bd594721e42db2df57be

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 275
x-cachebust
server-timing: ak_p; desc="1712278696975_390277156_465670158_1127_10977_9_0_146";dur=1
content-length: 1909
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"145e-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 93438797, 909221439 916357656
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560637
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 1e22797f-d28c-4388-a181-e2ebab7050d9 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1e22797f-d28c-4388-a181-e2ebab7050d9
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38304e5c3ca09a804ce4ee00a27b93cd0009e10993a1ab4a42b07b77907695a9

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 742e77b1-d332-462f-aa94-94af7469d81e Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/742e77b1-d332-462f-aa94-94af7469d81e
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 423c13eaf2df3fecc7cda2b2532c8ae530c6db03e7aa2356406461293af9f1bb

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 966f1f5e-749d-4dc0-8ff4-360717574b19 Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/966f1f5e-749d-4dc0-8ff4-360717574b19
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e89e0a03ec1205ef9c3d12072b324dbc59023f41c92f99626becf25de46311b1

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK dfc63abf-b076-4665-b3ba-f60a6fadd230 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/dfc63abf-b076-4665-b3ba-f60a6fadd230
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc877ff7395eccf9a45bf6dcb638011f15c40b568943f95fccbb4401c80b1a89

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK d14a0ebc-9bba-4ae1-8ad8-cb589eff5565 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d14a0ebc-9bba-4ae1-8ad8-cb589eff5565
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: add88b7a6c32b312e72bfe9f25c06fd369263f949a7390bc27746d165cdadbc0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK ebb05c9b-331b-49da-ae1c-b8933c8c1959 Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ebb05c9b-331b-49da-ae1c-b8933c8c1959
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b7129d7ee51ef87076a357b4879185b775c653742a3548f2b9239bf5702fdd2

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 569ms
187ms Preflight 52.35.48.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=612140c5-3811-418f-89a7-ce101332c9f2&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.48.138 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-48-138.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Fri, 05 Apr 2024 00:58:17 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-660f4ca9-354e96f6259e09a765363640
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 568ms
187ms Preflight 52.35.48.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=612140c5-3811-418f-89a7-ce101332c9f2&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.48.138 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-48-138.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Fri, 05 Apr 2024 00:58:17 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-660f4ca9-78f0b4d157e85fb97bb3791c
x-content-type-options: nosniff

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 63ms
16ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1150
cache-control: no-store
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-660f482b-26b061db3236419f750636aa
x-cache: HIT
x-cache-hits: 73
x-content-type-options: nosniff
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.024009,VS0,VE0

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 567ms
187ms Preflight 52.35.48.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=612140c5-3811-418f-89a7-ce101332c9f2&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.48.138 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-48-138.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Fri, 05 Apr 2024 00:58:17 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-660f4ca9-5849ee46723d3cdf7c55e19a
x-content-type-options: nosniff

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 63ms
17ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1150
cache-control: no-store
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-660f482b-26b061db3236419f750636aa
x-cache: HIT
x-cache-hits: 75
x-content-type-options: nosniff
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.024189,VS0,VE0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 62ms
17ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1150
cache-control: no-store
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-660f482b-26b061db3236419f750636aa
x-cache: HIT
x-cache-hits: 76
x-content-type-options: nosniff
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.024213,VS0,VE0

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 323 B
523 B 201ms
201ms Fetch
application/json 52.35.48.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=612140c5-3811-418f-89a7-ce101332c9f2&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.48.138 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-48-138.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

2542418fdbee01b2fdbdd86ac037bffd0975ce82ea4a6b20c77d08327a720b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-660f4ca9-20414bb26b3a7ccf6714f430
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 323 B
522 B 198ms
197ms Fetch
application/json 52.35.48.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=612140c5-3811-418f-89a7-ce101332c9f2&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.48.138 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-48-138.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

2542418fdbee01b2fdbdd86ac037bffd0975ce82ea4a6b20c77d08327a720b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-660f4ca9-310faea03b5fb7602632c44d
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 61ms
16ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1150
cache-control: no-store
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-660f482b-26b061db3236419f750636aa
x-cache: HIT
x-cache-hits: 74
x-content-type-options: nosniff
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.024162,VS0,VE0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
144 B 243ms
243ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/woldoni.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMyIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjYxMjE0MGM1LTM4MTEtNDE4Zi04OWE3LWNlMTAxMzMyYzlmMiIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjgwMHg2MDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsImZsYWdfa2V5IjoiMjRoYXJkLXBheXdhbGwtZXhwZXJpbWVudCIsImRhdGUiOiIyMDI0LTA0LTA1In19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyIyNGhhcmQtcGF5d2FsbC1leHBlcmltZW50Il0=
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 2
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.042358,VS0,VE226
x-amzn-trace-id: Root=1-660f4ca9-062d40ac7784240b3ff0f52b
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 323 B
523 B 202ms
202ms Fetch
application/json 52.35.48.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=612140c5-3811-418f-89a7-ce101332c9f2&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.48.138 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-48-138.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

2542418fdbee01b2fdbdd86ac037bffd0975ce82ea4a6b20c77d08327a720b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-660f4ca9-4b1707877b7724b9004ea4de
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
195 B 246ms
246ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/woldoni.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMyIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjYxMjE0MGM1LTM4MTEtNDE4Zi04OWE3LWNlMTAxMzMyYzlmMiIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjgwMHg2MDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsImZsYWdfa2V5IjoidXNhZ2UiLCJkYXRlIjoiMjAyNC0wNC0wNSJ9fQ==
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.042575,VS0,VE228
x-amzn-trace-id: Root=1-660f4ca9-7b681d550ebcd8014c1b95f0
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
140 B 245ms
245ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/woldoni.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMyIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjYxMjE0MGM1LTM4MTEtNDE4Zi04OWE3LWNlMTAxMzMyYzlmMiIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjgwMHg2MDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsImZsYWdfa2V5IjoidXNhZ2UiLCJkYXRlIjoiMjAyNC0wNC0wNSJ9fQ==
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 42
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.042559,VS0,VE228
x-amzn-trace-id: Root=1-660f4ca9-7b681d550ebcd8014c1b95f0
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
111 B 247ms
246ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/woldoni.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMyIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjYxMjE0MGM1LTM4MTEtNDE4Zi04OWE3LWNlMTAxMzMyYzlmMiIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjgwMHg2MDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsImZsYWdfa2V5IjoidXNhZ2UiLCJkYXRlIjoiMjAyNC0wNC0wNSJ9fQ==
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.042591,VS0,VE228
x-amzn-trace-id: Root=1-660f4ca9-7b681d550ebcd8014c1b95f0
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 performance.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 14 KB
5 KB 40ms
40ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/performance.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b725042d8e83aec9c41bc90a41496bdcac96d450f13fdd011fb866d5c821e701

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 284
x-cachebust
server-timing: ak_p; desc="1712278696987_390277156_465670179_87_9885_9_0_146";dur=1
content-length: 4675
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"3879-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 656448841, 887722584 897811349
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560554
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 quarantine.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 30 KB
10 KB 40ms
40ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/quarantine.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ab2dbf9a0ed82a1460ff737492fae60343a46c7a427fa5d947af324a44c03681

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 283
x-cachebust
server-timing: ak_p; desc="1712278696987_390277156_465670180_267_9922_9_0_146";dur=1
content-length: 10187
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"76d2-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 654255398, 886644937 876749120
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560647
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 footerBundle.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 3 KB
1 KB 54ms
54ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/footerBundle.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: df2957d3c22ec130165e61139a6cd1736c70ef7a241e41f4a90fbc3da022099b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 300
x-cachebust
server-timing: ak_p; desc="1712278696987_390277156_465670181_414_9804_9_0_146";dur=1
content-length: 890
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"a75-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 661258347, 896043403 882351977
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560645
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 miFooter.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 12 KB
4 KB 58ms
56ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/miFooter.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f2a4f275e69e2531611967eca799b51590fdcad36fb0b2f4f1be28806e719c76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 265
x-cachebust
server-timing: ak_p; desc="1712278697004_390277156_465670206_407_12253_9_0_146";dur=1
content-length: 3765
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"2e3b-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 656647198 660439875
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560626
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H3 200 connatix.player.dc.js Show response
cds.connatix.com/p/461608/ Frame 7F68 587 KB
163 KB 38ms
38ms Script
application/javascript 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/461608/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/461608/elLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed69dc44b5e58d6ac0810c7b45c8b4f8e71c94a983b55ae156a8d036d49e8e4e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
x-amz-version-id: u0drI_2F1Yc44g8nj8Qo1l26mSwNXo6L
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Apr 2024 12:30:14 GMT
server: cloudflare
etag: W/"5f0b221ad63c9326e71fd3f948bd3d07"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 86f596c04ab60e9d-MXP
access-control-allow-headers: range
expires: Sat, 05 Apr 2025 00:58:17 GMT

GET
BLOB 200
OK 0c2f413b-f6c8-4461-8576-e694bcfc904f Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/0c2f413b-f6c8-4461-8576-e694bcfc904f
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abe3ac72ebc0a423818ca1b707078688fc103b8c591da65e52fbe603fcc941cc

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 1605fb02-a808-4a56-a7a6-c998f8faf625 Show response
https://www.thenewstribune.com/ 382 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1605fb02-a808-4a56-a7a6-c998f8faf625
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28289a2f4966ca287709dc7fda448623ca940527d9df5a2723602b522173196f

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 382
Content-Type: [object object]

GET
BLOB 200
OK 3e694726-3ef3-4597-adeb-afbee7023c48 Show response
https://www.thenewstribune.com/ Frame 602B 466 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/3e694726-3ef3-4597-adeb-afbee7023c48
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 466
Content-Type: text/javascript

GET
BLOB 200
OK adfd5146-3d3f-49c8-a1be-d49957f99686 Show response
https://www.thenewstribune.com/ Frame 9786 555 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/adfd5146-3d3f-49c8-a1be-d49957f99686
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e862bf1e216f81d079dc802b0dae8313937d4857175abb0f4706ec8f8f07cdc

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 555
Content-Type: text/javascript

GET
BLOB 200
OK b773e49d-87d0-4904-80c4-cf9557c24593 Show response
https://www.thenewstribune.com/ Frame DE7E 590 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b773e49d-87d0-4904-80c4-cf9557c24593
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 590
Content-Type: text/javascript

GET
H2 200 pdp.gif
www.thenewstribune.com/yoibns-zol/ 42 B
460 B 155ms
155ms Image
image/gif 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/yoibns-zol/pdp.gif?k=eyJpZCI6Im1pX3RpX3RudF82MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjJfMTcxMjI3ODY5NjkyN18xNzEyMjc4Njk2OTAzIiwiZG9tSW50ZXJhY3RpdmUiOjIyMTksInJlcXVlc3RTdGFydCI6MTY5N30=
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 44486
x-cachebust
server-timing: ak_p; desc="1712278697052_390277156_465670278_11842_11397_9_0_146";dur=1
content-length: 42
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: "2a-61543a32ea840"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 103515811, 987565348 907683601
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86400
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 602B 4 KB
2 KB 139ms
40ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/3e694726-3ef3-4597-adeb-afbee7023c48
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 04:58:04 GMT
content-encoding: gzip
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 72265
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -4yqyx6i2fx1blPmwFofFZYgmITt-L1kftwwNfqD-MJ2fDr1lgOCyg==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/11/ Frame 9786
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930801/all/ml.js?cb=1652
https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js

148 KB
43 KB

18ms
17ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8856cb0a8fb9615673fae7be84a0bac4128660b2eac4492c648dd38e19746bd8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Apr 2024 21:43:54 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 17 Nov 2023 15:14:59 GMT
server: nginx
age: 11663
etag: "7c7b83c1a7aee9d99fa9f7b5fa2e2f6c"
vary: Accept-Encoding
x-cache: HIT Fri, 17 Nov 2023 15:29:13 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43804

Redirect headers

date: Fri, 05 Apr 2024 00:58:17 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-served-by: 1-gc-europe-west6-8j341034

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
135 B 221ms
221ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/woldoni.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMyIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjYxMjE0MGM1LTM4MTEtNDE4Zi04OWE3LWNlMTAxMzMyYzlmMiIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjgwMHg2MDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsImZsYWdfa2V5IjoidXNhZ2UiLCJkYXRlIjoiMjAyNC0wNC0wNSJ9fQ==
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.066188,VS0,VE204
x-amzn-trace-id: Root=1-660f4ca9-7b681d550ebcd8014c1b95f0
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 17ms
16ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1150
cache-control: no-store
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-660f482b-26b061db3236419f750636aa
x-cache: HIT
x-cache-hits: 77
x-content-type-options: nosniff
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.049244,VS0,VE0

GET fullcontact.js
tags.fullcontact.com/anon/ Frame DE7E 0
0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame 9786 43 B
245 B 474ms
114ms Image
image/gif 54.166.51.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&hier=_HomePage&ptype=homepage&pubname=The%20News%20Tribune&sec=Homepage&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=800x600&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=11&tvcfg=all&tid=366855c8-f47d-4b6d-9139-f401cb4dedec&pid=af247b01-f5cf-4470-b13a-018f67e5295a&dtm=1712278697162&qnm=_matherq&visible=1&tabid=ef1b3808-c520-48f3-a05b-4ae054e87def&refr=https%3A%2F%2Fwww.thenewstribune.com%2F&url=https%3A%2F%2Fwww.thenewstribune.com%2F&vrefr=https%3A%2F%2Fwww.thenewstribune.com%2F&vp=0x0&ds=0x0&tofa=1712278697&vid=1&lvidt=1712278697&duid=ecfa0915-ce14-4555-a0f4-3909cfccb94e&fp=2783822544&cid=ma12095&mrk=74930801&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcxMjI3ODY5NDU4NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMC4xNTM2MTNtYiIsImhlYXBUIjoiMjYuODEyMzQ5bWIiLCJmc3RQYWludCI6IjIxNzgiLCJmZXRjaFMiOiIxMzYzIiwiZG9tYWluUyI6IjE2MzUiLCJkb21haW5FIjoiMTYzNSIsImNvbm5TIjoiMTYzNSIsImNvbm5FIjoiMTY5NiIsInNzbFMiOiIxNjUwIiwicmVxdVMiOiIxNjk2IiwicmVzcFMiOiIxNzQ1IiwicmVzcEUiOiIxNzUzIiwiZG9tTG9hZCI6IjE3NDgiLCJkb21JbnRlciI6IjIyMTgiLCJkb21Mb2FkUyI6IjIyNDciLCJkb21Mb2FkRSI6IjIyNTAifX0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.51.141 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-51-141.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Fri, 05 Apr 2024 00:58:17 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
BLOB 200
OK ca25a36a-b83b-4a6b-99ae-ca4f3ab54e1a Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ca25a36a-b83b-4a6b-99ae-ca4f3ab54e1a
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99fdec747b2329d95e5a1eddfa8923d19884f623c531a026ea58a4cdc62747b2

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 naeliya.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 8 KB
3 KB 37ms
37ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/naeliya.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4113ffe4bc912a18cc3f528d9d030fd011d99a0bb0109fc5f606e5c90d61420f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 283
x-cachebust
server-timing: ak_p; desc="1712278697194_390277156_465670518_125_10434_9_0_146";dur=1
content-length: 2602
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"2034-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 659358541, 900038762 894632673
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560620
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 204 b
sb.scorecardresearch.com/ Frame 602B 0
225 B 54ms
54ms Image
text/plain 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1712278697178&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.thenewstribune.com%2F&c8=Tacoma%20WA%20Breaking%20News%2C%20Crime%20%26%20More%20%7C%20Tacoma%20News%20Tribune&c9=https%3A%2F%2Fwww.thenewstribune.com%2F
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: _ravPzy_RT65tYilPw9ShMkFsWF5wuRjQdiaxiKq-XoKhSFWRGctEQ==
x-cache: Miss from cloudfront

GET
BLOB 200
OK 08247283-215f-4caf-ad8a-aa5fb130793b Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/08247283-215f-4caf-ad8a-aa5fb130793b
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b58b8ca6976b60a8e73fa71bb28b16937f5690209b9c936c6db7bd01cb1cb3b4

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 8efbb7bd-6a2c-4cc3-8029-f7349e1875dd Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/8efbb7bd-6a2c-4cc3-8029-f7349e1875dd
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57afe71ac655314241050d36be66fba3f3b5baa4f47c41132a6f12603ee0d305

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 040df77d-daf4-4f9d-a0ee-8ac78caf32e5 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/040df77d-daf4-4f9d-a0ee-8ac78caf32e5
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fad3989db4364e84fa3adc76cf002739f4c4fdba066eb3c8227bbfcfd736111

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 86f9d377-df6b-4080-91ab-2ba5ef4e0933 Show response
https://www.thenewstribune.com/ 354 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/86f9d377-df6b-4080-91ab-2ba5ef4e0933
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cff127a97aa223e1d9817b69c60c9f981d518821e22e229ab20ef825bc04ff3b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 354
Content-Type: [object object]

GET
BLOB 200
OK aadbfc6d-3026-4d22-85f9-383a5a7e93b3 Show response
https://www.thenewstribune.com/ Frame 8319 594 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/aadbfc6d-3026-4d22-85f9-383a5a7e93b3
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c941903fd0e0008296070d47ca240561a8006e92a7af4281afdc0057940cc2b0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 594
Content-Type: text/javascript

GET
BLOB 200
OK 7ce930d4-f2d9-4aa1-bfd6-ee60cc7d6091 Show response
https://www.thenewstribune.com/ Frame C957 512 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/7ce930d4-f2d9-4aa1-bfd6-ee60cc7d6091
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aeefaae7e90680816ec89d5a80f2e8e9f07ef6a56a1d66fa2f8dc07a8a92b820

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 512
Content-Type: text/javascript

GET
BLOB 200
OK d16df9ca-0b44-4665-ae0f-67b4f911cf12 Show response
https://www.thenewstribune.com/ Frame D433 724 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d16df9ca-0b44-4665-ae0f-67b4f911cf12
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eefee06bdc64fa60ef5e0752071498970f1f5a8d76832bffe09b4f6ce5e1767

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 724
Content-Type: text/javascript

GET
BLOB 200
OK 1c09c729-5ca2-44c9-9473-936f5566569c Show response
https://www.thenewstribune.com/ Frame 7E68 510 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1c09c729-5ca2-44c9-9473-936f5566569c
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d722b262f280460d6f3092516abf3ad852bf0f5082e9a9727470be6e8dfef07b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 510
Content-Type: text/javascript

GET
BLOB 200
OK a258805d-5559-46dc-92ee-15de88cf1cd6 Show response
https://www.thenewstribune.com/ Frame 53E2 464 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a258805d-5559-46dc-92ee-15de88cf1cd6
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6e4be20312e2b84c81275836c74764a61075c14fc7c58073c778e61efd19428

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 464
Content-Type: text/javascript

GET
BLOB 200
OK db414497-fad8-436b-97c4-c07e9f94a7cc Show response
https://www.thenewstribune.com/ Frame 9FE2 893 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/db414497-fad8-436b-97c4-c07e9f94a7cc
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33560c1b3cdb0f0066d12bc667eaffaeadae008628e5d945d8e8758c0d7859a2

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 893
Content-Type: text/javascript

POST
H2 200 pixel_776c4db2 Show response
www.thenewstribune.com/akam/13/ 0
819 B 47ms
47ms XHR
text/html 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/13/pixel_776c4db2
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/akam/13/776c4db2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 00:58:17 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
x-cachebust
server-timing: ak_p; desc="1712278697352_390277156_465670769_1493_6335_9_0_219";dur=1
access-control-allow-headers: *
content-length: 0
expires: Fri, 05 Apr 2024 00:58:17 GMT

GET
H2 200 pageLoad.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 4 KB
2 KB 51ms
51ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/pageLoad.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d33fe436efda4387ab1cc80a99689b7b504775b2aa828d3e6c48d04ac2369648

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 282
x-cachebust
server-timing: ak_p; desc="1712278697363_390277156_465670785_527_12971_9_0_146";dur=1
content-length: 1569
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"f0c-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 887101981 877045532
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560558
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 hanealneh.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 173 KB
48 KB 48ms
48ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/hanealneh.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7ccd32d3fde65cf4e7cfa1713cf95eaa7a64b270ba67c053cd8c735870862835

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 298
x-cachebust
server-timing: ak_p; desc="1712278697360_390277156_465670786_315_9724_9_0_146";dur=1
content-length: 48695
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"2b3b1-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 656220021 657528623
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560574
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 chatbot.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 4 KB
2 KB 49ms
49ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/chatbot.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d7bdbba4c2d51d9824f4aefd5897876241e37d083442db4bafc5b1795760f1e3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 302
x-cachebust
server-timing: ak_p; desc="1712278697360_390277156_465670787_719_9677_9_0_146";dur=1
content-length: 1776
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"10db-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 915966368 913443308
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560604
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.thenewstribune.com/yoibns-zol/ 42 B
460 B 168ms
168ms Image
image/gif 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/yoibns-zol/pdp.gif?k=eyJpZCI6Im1pX3RpX3RudF82MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjJfMTcxMjI3ODY5NjkyN18xNzEyMjc4Njk2OTAzIiwibG9hZEV2ZW50U3RhcnQiOjI2MzN9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 44486
x-cachebust
server-timing: ak_p; desc="1712278697361_390277156_465670788_12436_11718_9_0_146";dur=1
content-length: 42
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: "2a-61543a32ea840"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 103515811, 987565349 907683601
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86342
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 favicon-32.png
www.thenewstribune.com/wps/build/images/thenewstribune/ 411 B
872 B 43ms
43ms Other
image/png 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/images/thenewstribune/favicon-32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a1a850fd1774ef1f9ad3314570b39867b72669a78e9dc00c7dbae09e3e81a010

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 137046
x-cachebust
server-timing: ak_p; desc="1712278697360_390277156_465670789_84_9671_9_0_219";dur=1
content-length: 411
last-modified: Thu, 28 Mar 2024 05:16:38 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"19b-18e837d1af0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 333253020, 769361634 529140766
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=475495
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 8319 33 KB
11 KB 79ms
18ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?53
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/aadbfc6d-3026-4d22-85f9-383a5a7e93b3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:29:25 GMT
via: 1.1 google
content-encoding: br
age: 1732
x-guploader-uploadid: ABPtcPrfw9jZlkijhp4uKWq3qlGXj0pKCe4Chr8DNUsEmOdMre5hxKzfqESkQ-d8CWnFkp1qMA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10617
last-modified: Tue, 19 Mar 2024 18:01:29 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1710871289439515
x-goog-hash: crc32c=HinCJA==, md5=x4MOkeS+jF0j70aOQ9M5fQ==
content-type: application/javascript
cache-id: MIL-43570e0b
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34224
accept-ranges: bytes

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 194ms
187ms Preflight 52.35.48.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=612140c5-3811-418f-89a7-ce101332c9f2&user_id=&comp_id=apflrqef

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.48.138 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-48-138.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Fri, 05 Apr 2024 00:58:17 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-660f4ca9-1f96395f171d34b33073e980
x-content-type-options: nosniff

GET
H2 400 userprofile Show response
profile-api.amplitude.com/v1/ 331 B
600 B 200ms
200ms Fetch
application/json 52.35.48.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=612140c5-3811-418f-89a7-ce101332c9f2&user_id=&comp_id=apflrqef

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.48.138 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-48-138.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

1dc6e7262014dd38edeba28d24bfd58d9f6cf602d492af2f4728fdab09074892

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-660f4ca9-0f528b4a6b692a60787e830b
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
content-length: 331

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 16ms
16ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1150
cache-control: no-store
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-660f482b-26b061db3236419f750636aa
x-cache: HIT
x-cache-hits: 78
x-content-type-options: nosniff
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.351160,VS0,VE0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 374 B
356 B 207ms
206ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/woldoni.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

096d737de4e9d2ccaf1e6b46be90c8d4cc8e5186e13eb2a0d3936509c3512040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMyIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjYxMjE0MGM1LTM4MTEtNDE4Zi04OWE3LWNlMTAxMzMyYzlmMiIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjgwMHg2MDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsImZsYWdfa2V5Ijoic29waGktdGVzdC1ncm91cC10aWVyLTIiLCJkYXRlIjoiMjAyNC0wNC0wNSJ9fQ==
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJzb3BoaS10ZXN0LWdyb3VwLXRpZXItMiJd
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 260
x-served-by: cache-lin2290028-LIN
x-timer: S1712278697.368078,VS0,VE190
x-amzn-trace-id: Root=1-660f4ca9-0dbc03ad1254d9f809a5177b
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/ Frame C957
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
8 KB

40ms
40ms

Script
application/javascript

65.9.95.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Protocol: H2
Server: 65.9.95.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-52.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Apr 2024 05:01:44 GMT
content-encoding: gzip
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 244594
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=259200,public
x-amz-cf-id: a0hroRUvKhx01aQo7tpnx2LnyiU7_kZgRBpZoRtT65lw0lKDn4C2Uw==

Redirect headers

date: Fri, 05 Apr 2024 00:41:02 GMT
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 1036
x-cache: Hit from cloudfront
location: /dist/analytics-1.5.12.min.js
content-length: 0
x-amz-cf-id: PMsPfsShae5ZG21xAbqTRarXhnkMzDpI42M5XcfN92qMuHuym7b9rQ==

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ Frame D433 18 KB
7 KB 180ms
118ms Script
text/javascript 3.73.232.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/d16df9ca-0b44-4665-ae0f-67b4f911cf12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.232.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-232-59.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: d8b4c5dd1d5c48f607331cc629d2cdf72311778309e8ff759d0cda3211fb5408

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 05 Apr 2024 00:58:17 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/ Frame 7E68
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/&rp=&ts=compact&rnd=1712278697342
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/&rp=&ts=compact&rnd=1712278697342&ja=1

44 B
424 B

56ms
56ms

Image
image/gif

52.213.253.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/&rp=&ts=compact&rnd=1712278697342&ja=1
Protocol: H2
Server: 52.213.253.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-253-4.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 00:58:17 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Apr 2024 00:58:17 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/&rp=&ts=compact&rnd=1712278697342&ja=1
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ Frame 53E2 23 KB
9 KB 96ms
29ms Script
application/javascript 91.228.74.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/a258805d-5559-46dc-92ee-15de88cf1cd6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 12 Apr 2024 00:58:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9FE2 197 KB
72 KB 101ms
42ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/db414497-fad8-436b-97c4-c07e9f94a7cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

52aaa1abe9c4f150936f6bafd00d5679c57c0d8e23d55a0e085cdc94231ce03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73182
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 00:09:03 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Apr 2024 00:58:17 GMT

POST
H2 200 051cb28e00903b5f1a33c76e30da8c25b47c569e Show response
scissorsstatement.com/0/824f8be0e463/ 303 B
816 B 104ms
44ms Fetch
application/json 34.160.169.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/0/824f8be0e463/051cb28e00903b5f1a33c76e30da8c25b47c569e

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.169.160.34.bc.googleusercontent.com

Software

Resource Hash

16d5275c40737437fb8673e2e76508537d2e890ccf93b793bc8ef439b42bb9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 05 Apr 2024 00:58:17 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
x-hostname: fen-hoothoot-europe-west1-spot-ltqf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 05 Apr 2024 00:58:16 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 188ms
42ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=2196236

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 18:56:18 GMT
server: ws
etag: "65414dd2-24b8"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9400

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 369ms
313ms Preflight 104.18.33.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 86f596c32acd0dc6-MXP
content-encoding: gzip
date: Fri, 05 Apr 2024 00:58:17 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 402 B
594 B 535ms
535ms XHR
application/json 104.18.33.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/hanealneh.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.216 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e580b0d91f4818660e047e862fea67a19d3015d719c54a4dba25123c06b2f9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Braze-Api-Key: 83d75cce-ff55-432f-b0b6-78b7ba1ad6a8
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Last-Req-Ms-Ago: 7200000
Referer: https://www.thenewstribune.com/
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
X-Braze-Req-Attempt: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: b9ead7fb-9aae-4f95-b370-a2cb67c9c1b5
x-runtime: 0.152287
server: cloudflare
etag: W/"e580b0d91f4818660e047e862fea67a1"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1712278701
access-control-max-age: 7200
x-ratelimit-limit: 500.0
cf-ray: 86f596c51c970dc6-MXP
x-ratelimit-remaining: 497.0

GET
H2 200 webpush_desktop_en.svg Show response
www.thenewstribune.com/yoibns-zol/messaging/ 62 KB
24 KB 48ms
48ms XHR
image/svg+xml 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/messaging/webpush_desktop_en.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0bb3754e5ea2f7bc2ee48c5dd9511630fd8440667c48040c7f7b1ae2cbec4d55

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 258
x-cachebust
server-timing: ak_p; desc="1712278697412_390277156_465670895_1257_10204_9_0_219";dur=1
content-length: 23970
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: "f802-61543a32ea840"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 95239908, 906143253 913574398
content-type: image/svg+xml
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560555
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ Frame 53E2 1 KB
1 KB 88ms
27ms Script
application/javascript 18.66.102.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:30:59 GMT
content-encoding: gzip
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1661
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:15:13 GMT
server: AmazonS3
etag: W/"52f4ba3839d01c1dbb310f6ef96bde89"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: WvFk_B8mHtysadPKS4zWZpTNnoNpkvLTX72PpOGfTfLVsOuDspWDFA==

GET
H2 200 favicon-196.png
www.thenewstribune.com/wps/build/images/thenewstribune/ 1 KB
2 KB 36ms
35ms Image
image/png 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/build/images/thenewstribune/favicon-196.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: df966430d36d0f9a0c25cb72a40a5f24a4c82d3eebb4a9f51ad563d328487eaf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 90530
x-cachebust
server-timing: ak_p; desc="1712278697466_390277156_465670996_33_9995_9_0_146";dur=1
content-length: 1104
last-modified: Thu, 28 Mar 2024 05:16:38 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"450-18e837d1af0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 305657278, 83957631 987498811
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=93640
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 c7c0b233cfef175acc9673490cbe76c895c1143e11feec Show response
scissorsstatement.com/5faab1/ 3 B
66 B 37ms
37ms Fetch
application/json 34.160.169.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/5faab1/c7c0b233cfef175acc9673490cbe76c895c1143e11feec

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

226.169.160.34.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 05 Apr 2024 00:58:17 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
x-hostname: fen-hoothoot-europe-west1-spot-ltqf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 05 Apr 2024 00:58:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9FE2 254 KB
89 KB 47ms
47ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WMTZ88VSK5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

01ad26e5a1b53ef98cc866f1adba993e70b0b9e8c0c95b5fc7c8272c499f71bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90632
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Apr 2024 00:58:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 9FE2 52 KB
21 KB 93ms
29ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Apr 2024 23:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4209
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 05 Apr 2024 01:48:08 GMT

GET
H2 200 sa.css
tags.srv.stackadapt.com/ Frame D433 65 B
203 B 117ms
117ms Stylesheet
text/css 3.73.232.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.232.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-232-59.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ca365f2768229edf4b53e7a7123dc8a9b45bf8edaa0ac04c3c33d858e601abdf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 05 Apr 2024 00:58:17 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ Frame D433 0
2 KB 175ms
118ms Fetch
image/jpeg 3.73.232.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.232.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-232-59.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 05 Apr 2024 00:58:17 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 3010.js Show response
cdn.keywee.co/config/ Frame C957 233 B
573 B 56ms
55ms Script
application/javascript 65.9.95.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/3010.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-52.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f3013245f4ee591e331364ee5044664a65048925168bfee28037bb16082f5b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 21:45:31 GMT
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
last-modified: Fri, 25 Feb 2022 21:45:07 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 11566
etag: "81210c02155f33808ec1fb7ec890dfee"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
content-length: 233
x-amz-cf-id: EukM-UP2_7i9AAevGtOYFf-sWCzWwo6hnNmkMPJBmrz9fXPWfio3Aw==

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 190ms
190ms Preflight 35.161.181.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.181.150 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-181-150.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 219ms
219ms Fetch
application/json 35.161.181.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/escenic.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.181.150 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-181-150.us-west-2.compute.amazonaws.com

Software

Resource Hash

6f28aaf1531a9eaf16758dc039f16a49e9e8c8d19a32c28a92b751604fd11fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-660f4ca9-113e32691314805634909a14
content-length: 94

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/ 341 KB
120 KB 80ms
80ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

86a57504cf0c4719335f01a1eb3403b7c55f06ebcb38428e7368868c843411dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ Frame D433 238 B
437 B 123ms
123ms XHR
text/plain 3.73.232.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=XDbR9bgzYgamKCe5q8YQuw,%20hXFHelqg_0qGLqDaoIkgLQ,%20GHZN9LleKWz0uNsDtvQTcQ&is_js=true&landing_url=https%3A%2F%2Fwww.thenewstribune.com%2F&t=sapx&tip=OnHTTW-EO1qnx2iW-kdL2Q3X6xvaoiT-kI2eZmPo7zA&host=https%3A%2F%2Fwww.thenewstribune.com&sa_conv_data_css_value=%270-91262720-6c8e-576a-680e-d94059283e91%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9912627206c8e576a680ed94059283e919566ed4c&sa-user-id-v3=s%253AAQAKIKsx2MSpbOdCLEjbLqrfRInuAsuB8mp2RdOS61xhJWnmEHwYBCCpmb2wBjABOgT7-sM6QgS0r0cu.KCv%252B%252FtErJ%252BRvFClNIiu8fIiyvZ9hnrpr5qXUvaeiPnk&sa-user-id-v2=s%253AkSYnIGyOV2poDtlAWSg-kZVm7Uw.rYQmAtHlzqlkJVHUyEC1PXqD%252B3mhA9O%252BwlzfeQQy%252B2U&sa-user-id=s%253A0-91262720-6c8e-576a-680e-d94059283e91.uMwK3hxcyVJq8H90RU0NaNsEdEfSURLUmo%252F73ENO8oQ
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.73.232.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-232-59.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68b8e71982e93fa7dd2f406283c640fa9e5cb2bcae72669d20f54012c428da3d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.thenewstribune.com
date: Fri, 05 Apr 2024 00:58:17 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 238
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 16ms
16ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1151
cache-control: no-store
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-660f482b-26b061db3236419f750636aa
x-cache: HIT
x-cache-hits: 79
x-content-type-options: nosniff
x-served-by: cache-lin2290028-LIN
x-timer: S1712278698.759153,VS0,VE0

GET
BLOB 200
OK 686f9d16-055c-417c-ba1a-639110b4b618 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/686f9d16-055c-417c-ba1a-639110b4b618
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4717431cac23d7c95597a40834a132a468724d802c89781c4be11457b2061eca

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 540ff7f7-28e5-421d-a782-71354044986b Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/540ff7f7-28e5-421d-a782-71354044986b
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7537174223ffff67e8692a645e6161170f0dda4abaa7cde03063070e8a8fedac

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 9FE2 2 B
212 B 34ms
32ms XHR
text/plain 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1836985859&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&dr=&dp=%2F&dh=www.thenewstribune.com&ul=en-us&de=UTF-8&dt=Home%3AHomepage&sd=24-bit&sr=800x600&vp=&je=0&_u=aEBAAUABAAAAACgDIC~&jid=1987773042&gjid=871297105&cid=1177528412.1712278698&tid=UA-48278079-1&_gid=713462795.1712278698&_r=1&gtm=457e4430za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&cg1=The%20News%20Tribune&cg2=Homepage&cd1=TNT&cd2=The%20News%20Tribune&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd6=Homepage&cd7=Product%3A%20Escenic&cd8=&cd9=&cd10=&cd13=&cd14=&cd15=&npa=1&z=890246900

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 00:58:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ Frame 9FE2 0
259 B 88ms
33ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WMTZ88VSK5&_ono=1&gtm=45je4430v9134454662za200&_p=1712278697343&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=1177528412.1712278698&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&dp=%2F&dr=&dt=Home%3AHomepage&sid=1712278697&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.content_group1=The%20News%20Tribune&ep.content_group2=Homepage&ep.dimension1=TNT&ep.dimension2=The%20News%20Tribune&ep.dimension3=Home&ep.dimension4=_HomePage%7C%7C%7C%7C&ep.dimension6=Homepage&ep.dimension7=Product%3A%20Escenic&ep.dimension8=&ep.dimension9=&ep.dimension10=&ep.dimension13=&ep.dimension14=&ep.dimension15=&ep.page_hostname=www.thenewstribune.com&tfd=421
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMTZ88VSK5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 00:58:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame 9FE2 0
47 B 104ms
33ms Ping
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-WMTZ88VSK5&cid=1177528412.1712278698&gtm=45je4430v9134454662za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMTZ88VSK5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 00:58:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ Frame 9FE2 42 B
408 B 99ms
36ms Image
image/gif 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-WMTZ88VSK5&cid=1177528412.1712278698&gtm=45je4430v9134454662za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=648193498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 00:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 5 KB
2 KB 224ms
224ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/woldoni.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba362a55b7c5e5a729e631006c70f811f9815df6fed10a8bef33616d8a678fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMyIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImJyYXplX3VzZXJfYWxpYXMiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfcG1vZGUiOiIwIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiI4MDB4NjAwIiwiZGV2aWNlX3R5cGUiOiJvdGhlciIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIzLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJzb3BoaV90ZXN0cyI6W3sidGVzdElkIjoicHc6YXJ0aWNsZTp0ZXN0NF9hYmMiLCJ0ZXN0R3JvdXAiOiJ2YXJpYW50In1dLCJkYXRlIjoiMjAyNC0wNC0wNSJ9fQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 1759
x-served-by: cache-lin2290028-LIN
x-timer: S1712278698.775825,VS0,VE208
x-amzn-trace-id: Root=1-660f4ca9-5334580e6e2ae6a53848a60c
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 190ms
190ms Preflight 35.161.181.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.181.150 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-181-150.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 223ms
223ms Fetch
application/json 35.161.181.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/escenic.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.181.150 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-181-150.us-west-2.compute.amazonaws.com

Software

Resource Hash

08f989ee17cc05199ac13d01a734953dbfec9d20afcf881c9f2fe1b516cfcc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-660f4caa-2e15563b722834f05cb08c9c
content-length: 94

GET
H2 200 parsely.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 5 KB
2 KB 56ms
56ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/parsely.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ea86b9cd949cd84e852b061861ce571baeaed905cadeae107e28b13250333af9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 285
x-cachebust
server-timing: ak_p; desc="1712278697767_390277156_465671490_333_11234_9_0_146";dur=1
content-length: 1863
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"13d3-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 655792823 656448844
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560629
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 tehi.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 6 KB
3 KB 57ms
57ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/tehi.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e02e8bd723bb1f723e0d18042a136c9be7dfa3f40ec42279a2bff7fc047550e1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 269
x-cachebust
server-timing: ak_p; desc="1712278697782_390277156_465671508_345_10466_9_0_146";dur=1
content-length: 2189
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"1758-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 650845564 656481658
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560577
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 homepage.json Show response
www.thenewstribune.com/static/hi/zones/ 1 KB
1 KB 190ms
190ms Fetch
application/json 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/zones/homepage.json
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/zones.08bd31ff850ae0f066e6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bf381b88aa02e17e8b64a656f06deeda746cf28295e53834f008e02ad07ee5d5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 309
x-cachebust
server-timing: ak_p; desc="1712278697782_390277156_465671509_14108_10676_9_0_219";dur=1
content-length: 402
last-modified: Thu, 04 Apr 2024 03:19:51 GMT
server: MI
etag: "488-6153ccfee83c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 643861517, 857933686 858819457
content-type: application/json
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=291
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 htlbid.css
htlbid.com/v3/thenewstribune.com/ 3 KB
669 B 535ms
469ms Stylesheet
text/css 13.32.27.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thenewstribune.com/htlbid.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:19 GMT
content-encoding: br
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 14:27:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: W/"6079441ba3e393b1ed99fc06f4fd2fea"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: KerlLu5L39DjlWMPYOkocepwbrfssdohgn895gmoqB9n7E1_6Oy9Aw==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/thenewstribune.com/ 521 KB
136 KB 493ms
427ms Script
application/javascript 13.32.27.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20d4c3ced8ad401bc94a381d56881e6d44b4c417fcc3947e6df45a66d27feb0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:19 GMT
content-encoding: br
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 14:27:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"5310fa3751bd419ab931f69f0fca9cee"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: jCD0FsjAE54767GZpvQNfl9Z0MdCZHJPxEWtHN12RE-Nxn95zl-Daw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 9FE2 4 B
354 B 72ms
33ms XHR
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48278079-1&cid=1177528412.1712278698&jid=1987773042&gjid=871297105&_gid=713462795.1712278698&npa=1&_u=aEBAAUAAAAAAACgDIC~&z=2102749297

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 Apr 2024 00:58:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/ 7 KB
2 KB 223ms
70ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

c073b660c35f54f8d5dabdf1bbc7914fbdc02680a6bab2ca243cf0b6ae12eed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:17 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 05 Apr 2024 00:59:17 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/ 2 KB
1 KB 282ms
135ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

5d0ba219cd1d0a9120a5ba71640a1a056df13752f136476d4058fb55fab809cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options: nosniff
strict-transport-security: max-age=99999999999; includeSubDomains
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time: 42
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 05 Apr 2024 00:59:18 GMT

GET
BLOB 200
OK 997ed179-ea73-4e4b-937f-2921bf30f403
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/997ed179-ea73-4e4b-937f-2921bf30f403
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK a4122646-eb7a-4dc4-98e7-2703bd2cf1d9
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a4122646-eb7a-4dc4-98e7-2703bd2cf1d9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 922affd9-edff-49c1-8a81-96489b9789b6 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/922affd9-edff-49c1-8a81-96489b9789b6
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf365b359114dcf46d0d5900d6496f6d03d86444f4a72bb8c9d9a48225e53891

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.35.0-release_1225844943/ 40 KB
12 KB 148ms
18ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.35.0-release_1225844943/ui-framework.js?version=10.35.0-release_1225844943
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 05:13:25 GMT
content-encoding: br
age: 848692
x-guploader-uploadid: ABPtcPrvjIjy0N_4bczHVfccAhAounFMgx2MxenpBFv5sPY5UXt-g2J8AP97T2qVNNWHTdSC7vE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12465
last-modified: Tue, 26 Mar 2024 05:03:00 GMT
server: UploadServer
etag: W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
vary: Accept-Encoding
x-goog-generation: 1711429380024620
x-goog-hash: crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 40455
accept-ranges: none
content-type: application/javascript

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.35.0-release_1225844943/ 8 KB
3 KB 146ms
17ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.35.0-release_1225844943/surveylogicinstance.min.js?version=10.35.0-release_1225844943
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 05:13:25 GMT
content-encoding: br
age: 848692
x-guploader-uploadid: ABPtcPoSlyCQgZYrLM56C9pNraClGRj9JBs5NYydPThxCW9dYcqwM8tCVZGHiz0OU-WEwF6SyIM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2378
last-modified: Tue, 26 Mar 2024 05:03:00 GMT
server: UploadServer
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary: Accept-Encoding
x-goog-generation: 1711429380018576
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 7866
accept-ranges: none
content-type: application/javascript

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 9FE2 42 B
63 B 89ms
36ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48278079-1&cid=1177528412.1712278698&jid=1987773042&npa=1&_u=aEBAAUAAAAAAACgDIC~&z=919856112

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 00:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ Frame 9FE2 42 B
107 B 36ms
36ms Image
image/gif 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48278079-1&cid=1177528412.1712278698&jid=1987773042&npa=1&_u=aEBAAUAAAAAAACgDIC~&z=919856112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 00:58:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 29 B
144 B 209ms
209ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/woldoni.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMyIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImJyYXplX3VzZXJfYWxpYXMiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfcG1vZGUiOiIwIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiI4MDB4NjAwIiwiZGV2aWNlX3R5cGUiOiJvdGhlciIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIzLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJzb3BoaV90ZXN0cyI6W3sidGVzdElkIjoicHc6YXJ0aWNsZTp0ZXN0NF9hYmMiLCJ0ZXN0R3JvdXAiOiJ2YXJpYW50In1dLCJmbGFnX2tleSI6InpvbmUtY29udGVudCIsImRhdGUiOiIyMDI0LTA0LTA1In19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ6b25lLWNvbnRlbnQiXQ==
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 49
x-served-by: cache-lin2290028-LIN
x-timer: S1712278698.972384,VS0,VE193
x-amzn-trace-id: Root=1-660f4caa-555d35270eab2e735fd038cd
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 17ms
16ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1151
cache-control: no-store
content-length: 0
date: Fri, 05 Apr 2024 00:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-660f482b-26b061db3236419f750636aa
x-cache: HIT
x-cache-hits: 80
x-content-type-options: nosniff
x-served-by: cache-lin2290028-LIN
x-timer: S1712278698.955363,VS0,VE0

GET
H2 200 284301473 Show response
www.thenewstribune.com/webapi-public/v2/content/ 862 B
1 KB 402ms
402ms Fetch
application/json 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/webapi-public/v2/content/284301473
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/zones.08bd31ff850ae0f066e6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dcece8f7df774b4b978e8cb0bfa09da8ea8de2dd9cdc4deabbf691594ca0ee4e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 213
x-cachebust
server-timing: ak_p; desc="1712278697970_390277156_465671811_36246_12593_9_0_219";dur=1
content-length: 420
mi-api: true
last-modified: Fri, 05 Apr 2024 00:54:45 GMT
x-proxy-forwarding-type: WebAPI
server: MI
etag: W/"f3036b10-ed18-4df4-9a4b-5c04564e7f7c"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 991102189 979637449
content-type: application/json;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=283
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 2c9ccca4-94d7-43d9-97e3-8c2760ec8634 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/2c9ccca4-94d7-43d9-97e3-8c2760ec8634
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e524b2f3e3e11c7fe8fa9a7fd7975113a32693c05b2b0223ab27aa24f17270d2

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK b806424c-4461-4d61-bc68-8da1c715978d Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b806424c-4461-4d61-bc68-8da1c715978d
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fff364aa1827b5ddbba93ef79f83b3f0495e28329d5d44e5e8c57b237ba65a3f

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 iterate.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 2 KB
1 KB 60ms
60ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/iterate.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6b40a82f9c863bb6ebcdeffa9f6b9bb1e546639173a6683e7ca79e5eeef90736

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 285
x-cachebust
server-timing: ak_p; desc="1712278698014_390277156_465671879_367_13819_9_0_146";dur=1
content-length: 1057
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"6d1-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 890345209, 631527603 655889241
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560628
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 talidgo.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 22 KB
7 KB 63ms
63ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/talidgo.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4a2081804c54778c00a9a7ff954c27f278aa9b6d2883d63974d671a0686171ed

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 83
x-cachebust
server-timing: ak_p; desc="1712278698032_390277156_465671917_496_13682_9_0_146";dur=1
content-length: 6797
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"56a9-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 887787190, 656612046 659818066
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560538
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK b29928f5-5b3c-4213-8b1e-53e67e7bb274
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b29928f5-5b3c-4213-8b1e-53e67e7bb274
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.35.0-release_1225844943/ 1 MB
253 KB 18ms
18ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.35.0-release_1225844943/desktopEmbedded.js?version=10.35.0-release_1225844943
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a1bbf311a97d745ee2ad293388c94c5582d1b8b81060548aed6608436f23b9ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 05:18:22 GMT
content-encoding: br
age: 848396
x-guploader-uploadid: ABPtcPq0azl6_XI85EL3CTLINBSd-EPDiwOvYbnt6UhDOl6EdmAEmY6HANAIh6dwnoW9SqRnrv1SHC6saw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258876
last-modified: Tue, 26 Mar 2024 05:02:59 GMT
server: UploadServer
etag: W/"ac151b8756287379c9f0e53a03efe2ab"
vary: Accept-Encoding
x-goog-generation: 1711429379446300
x-goog-hash: crc32c=QEjmJA==, md5=rBUbh1Yoc3nJ8OU6A+/iqw==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1069155
accept-ranges: none
content-type: application/javascript

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.27.0-release_1222449294/ Frame A3F4 0
0 70ms
18ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.0-release_1222449294/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: it-IT,it;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 848693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 16163
content-type: text/html
date: Tue, 26 Mar 2024 05:13:25 GMT
etag: W/"e1d4283d1ec63da6717ad933736f885d"
last-modified: Tue, 26 Mar 2024 05:07:38 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1711429658471740
x-goog-hash: crc32c=SmP1wg== md5=4dQoPR7GPaZxetkzc2+IXQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 47953
x-guploader-uploadid: ABPtcPrQDYUCyr-nI6QLYIzm_Y8-HMl9sOqrhD4KowQsyIdwSkYlz6uM1YukTGlmAnnLWMjmSNk

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.27.0-release_1222449294/ 43 KB
15 KB 29ms
29ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.0-release_1222449294/storage.secure.min.js?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 97d000fed506d0fc61c967af53068ca8d303d2399d067aae318c3996e09bcbba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 05:13:26 GMT
content-encoding: br
age: 848692
x-guploader-uploadid: ABPtcPrb6Z4sOghkRyhE_rrn4_SZZEPJS2IOz3F2bA4CMc8knQSy8f3Yyj7NRChv7DMIUTsJF8s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15019
last-modified: Tue, 26 Mar 2024 05:07:38 GMT
server: UploadServer
etag: W/"ed8f5a6737497f0f1f08d08ccabb18e0"
vary: Accept-Encoding
x-goog-generation: 1711429658451644
x-goog-hash: crc32c=x1nX+Q==, md5=7Y9aZzdJfw8fCNCMyrsY4A==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 44172
accept-ranges: none
content-type: application/javascript

GET
H2 200 thenewstribune.json Show response
www.thenewstribune.com/yoibns-zol/data/datawall/ 126 B
891 B 175ms
175ms XHR
application/json 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/data/datawall/thenewstribune.json
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 817875cd68037c353805b105c90fbf96f433f0f26d2d5acbe408eecbe5f7e0ab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 262
x-cachebust
server-timing: ak_p; desc="1712278698081_390277156_465672013_13834_11143_9_0_219";dur=1
content-length: 124
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"7e-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 890213149, 659559107 646625906
content-type: application/json
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=180
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 markup3s_v4.html Show response
www.thenewstribune.com/yoibns-zol/data/datawall/ 27 KB
5 KB 399ms
399ms XHR
text/html 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/data/datawall/markup3s_v4.html
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9a5e1bdbea96f3c5d3c726b22fe2950b290fb6725acfdfc73a2c5a863a018a8a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 288
x-cachebust
server-timing: ak_p; desc="1712278698081_390277156_465672014_34908_11209_9_0_219";dur=1
content-length: 4531
server: MI
etag: W/"6d11-61543a32ea840"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
x-varnish: 92549459, 114196816 113672232
vary: Accept-Encoding
access-control-allow-credentials: false
cache-control: max-age=180
mi-cache: HIT
access-control-allow-headers: *

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 18ms
18ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1151
cache-control: no-store
content-length: 0
date: Fri, 05 Apr 2024 00:58:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-660f482b-26b061db3236419f750636aa
x-cache: HIT
x-cache-hits: 81
x-content-type-options: nosniff
x-served-by: cache-lin2290028-LIN
x-timer: S1712278698.075527,VS0,VE0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 775 B
410 B 227ms
226ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/woldoni.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c7064bdcd04183dae27f707e6805423ccbc56f8ad72df39c63b9019a10a91c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyMyIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImJyYXplX3VzZXJfYWxpYXMiOiI2MTIxNDBjNS0zODExLTQxOGYtODlhNy1jZTEwMTMzMmM5ZjIiLCJkZXZpY2VfcG1vZGUiOiIwIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiI4MDB4NjAwIiwiZGV2aWNlX3R5cGUiOiJvdGhlciIsImxvZ2dlZF9pbiI6ZmFsc2UsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIzLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJzb3BoaV90ZXN0cyI6W3sidGVzdElkIjoicHc6YXJ0aWNsZTp0ZXN0NF9hYmMiLCJ0ZXN0R3JvdXAiOiJ2YXJpYW50In1dLCJkYXRlIjoiMjAyNC0wNC0wNSJ9fQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Authorization: Api-Key client-WXkdEms1kcNV81IeB1qqTRJToktXL0r2
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 316
x-served-by: cache-lin2290028-LIN
x-timer: S1712278698.094991,VS0,VE210
x-amzn-trace-id: Root=1-660f4caa-7657ec4e518dfbde1ee2f854
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
29 KB 125ms
46ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f9113f0b050ab064eea7a54ae3275c58826b11ad63ec77bbf97b47f6d44db977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29447
x-xss-protection: 0
server: cafe
etag: 149 / 19818 / 31082448 / config-hash: 976839025151660149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Apr 2024 00:58:18 GMT

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 157 KB
34 KB 69ms
29ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 370a6a20341c851395f82d70b1d217e2c0c43a786da9586a2e0698dcf358d21a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 23:54:08 GMT
server: cloudflare
x-amz-request-id: ZMSKW707X7VPBTQ4
age: 716
etag: W/"4404c225d26c6fa78741e08e4344bbf7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 86f596c8cd1cbaed-MXP
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nNeXA7x8NYaQ2f94kJh/fbde5xtfB49yLMLlZHT10XDepuchSQPGwKNBBnTC36Un/R1RVtczvec=

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/ 7 KB
2 KB 90ms
26ms Script
text/javascript 3.160.150.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/launchpad-liveramp.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-11.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 551af58c2ce33c58ebc151a61b8d1d28e54ab9ce177d4fac749f0ebc50054cb9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: twZfULaLCuSu6sSf4IfyYxlioNp6VjIQ
content-encoding: gzip
via: 1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
date: Thu, 04 Apr 2024 01:47:20 GMT
x-amz-cf-pop: FRA60-P7
age: 83470
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 07 Aug 2023 19:00:29 GMT
server: AmazonS3
etag: W/"61173248aacab39adcbf53d6edf6a13d"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: kGOfIK910fhq8hkEVNgVqTgwlGhMMjnRi1vFNhHAEa2pfYJTiI4HfA==

GET
H2 200 eedition-promo-games.js Show response
www.thenewstribune.com/static/hi/cards/v1/eedition-promo/ 11 KB
4 KB 382ms
382ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/cards/v1/eedition-promo/eedition-promo-games.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c2705632879b9e4cf84ca44ec56248c4e6a28f23f6776f5c442f893c2afc3d66

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 289
x-cachebust
server-timing: ak_p; desc="1712278698373_390277156_465672416_34343_9965_9_0_219";dur=1
content-length: 3439
last-modified: Thu, 28 Mar 2024 19:38:56 GMT
server: MI
etag: W/"2cdd-614bdac89dad0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 474386480 474089855
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=281
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK d616aaa7-7036-492a-8ad6-c51a92220439
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d616aaa7-7036-492a-8ad6-c51a92220439
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 126 KB
26 KB 109ms
33ms Script
application/x-javascript 13.32.27.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5fe4b16f14fbab784667a876b5b687b1278e692b64a5e5b04e2da18bbd3de52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .0smH5v3yC0Mj5CY0Yn4_OXkkced__tN
content-encoding: br
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
date: Fri, 05 Apr 2024 00:53:08 GMT
last-modified: Mon, 26 Feb 2024 08:21:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 311
x-amz-server-side-encryption: AES256
etag: W/"a92f9ecbaf5821d1d35c439a0dc33104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: mARs1_Pda-iVXZy0Q2CO-7y3fXd18Xrsq6Z9S_fuir7v_WRyroroBA==

GET
BLOB 200
OK 988ca821-10bb-4d50-b128-aea4ad855b0f
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/988ca821-10bb-4d50-b128-aea4ad855b0f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202403121239/ 284 KB
87 KB 45ms
45ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202403121239/wrap.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b914de15dd75628895223bfe09012e3687598bca4dbaa34a97234f6a8826e9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Mar 2024 16:41:24 GMT
server: cloudflare
x-amz-request-id: CPJPC3Z85NWD1T2R
age: 105820
etag: W/"c1e08625d829bb0007d3c12ed83ad1cb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 86f596c93d92baed-MXP
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sqsU/8aGIt6BPLDgl6LXDcAa0J3XkTdsyRdVfEa5n77gJEyUHRgLEjA9LFZ2gVFqw4uZ6e1TviNn8vQg2/RYE0vESwZOOExT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/ 441 KB
138 KB 26ms
26ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403270101/pubads_impl.js?cb=31082448

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ccf37446ea1ee83a3fce3f04bd63d69bb12d619e8e4c359540df4b94638daf74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 19:01:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21438
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141434
x-xss-protection: 0
server: cafe
etag: 5731712271330627757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Apr 2025 19:01:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
904 B 35ms
35ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

e33d4565bdbaf2ffd0d9fc9964475d388d74012e261f01975b18705df8041cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Apr 2024 00:41:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 00:58:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
775 B 34ms
34ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:400,700

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

f3f8d02a7a7b9fc07dcc70c897787cc409719570b458412f476e9ccd97c7d2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Apr 2024 00:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 23:52:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Apr 2024 00:58:18 GMT

GET
H2 200 thenewstribune-black.png
www.thenewstribune.com/yoibns-zol//images/logos/ 10 KB
10 KB 45ms
44ms Image
image/png 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/yoibns-zol//images/logos/thenewstribune-black.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0f183d0f4e84ac50c22fe0b6299ec2ca8c664eff2f3c2b13b02a58c0c1bfae2e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 185
x-cachebust
server-timing: ak_p; desc="1712278698484_390277156_465672621_836_10592_9_0_146";dur=1
content-length: 9785
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: "2639-61543a32ea840"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 106103208 89442535
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560537
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 190ms
190ms Preflight 35.161.181.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.181.150 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-181-150.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Fri, 05 Apr 2024 00:58:18 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 218ms
217ms Fetch
application/json 35.161.181.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/yoibns-zol/escenic.08bd31ff850ae0f066e6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.181.150 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-181-150.us-west-2.compute.amazonaws.com

Software

Resource Hash

05a2d655ee232563b85387b94ff3afd5caaf74d798d8ade812403145850efdae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-660f4caa-1d1641ef7438974013972db5
content-length: 94

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 26ms
25ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 17:14:11 GMT
x-content-type-options: nosniff
age: 287047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Apr 2025 17:14:11 GMT

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 31ms
31ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 17:14:11 GMT
x-content-type-options: nosniff
age: 287047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Apr 2025 17:14:11 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
42 KB 34ms
34ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 21:05:25 GMT
x-content-type-options: nosniff
age: 273173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Apr 2025 21:05:25 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
42 KB 42ms
42ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 21:05:25 GMT
x-content-type-options: nosniff
age: 273173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Apr 2025 21:05:25 GMT

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/11/www.thenewstribune.com/ 22 KB
3 KB 606ms
512ms Fetch
application/json 65.9.94.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.thenewstribune.com/.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-57.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4eed07e8e09e78e67df53181fe755df6dbfa4a57bc2bbd899e8d6a8b7e2d036a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 05 Apr 2024 00:58:20 GMT
content-encoding: gzip
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2116
x-amz-expiration: expiry-date="Wed, 05 Jun 2024 00:00:00 GMT", rule-id="cleanup"
last-modified: Fri, 05 Apr 2024 00:56:56 GMT
server: AmazonS3
etag: "0c5c353482a861221196c484d720b4f0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: u4TJQH2CT-Ivj3l1BM6Ql37o1PxTCy_yuF0I1pe0MqOJVq_NiEZbBg==

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
623 B 42ms
41ms Fetch
application/json 65.9.95.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-107.prg50.r.cloudfront.net
Software: /
Resource Hash: b10e232b00994b00b71355e84abd64fccf608d5e25df448708f2ef3b430ac7f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 02:54:20 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront), 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, PRG50-C1
age: 79438
x-amzn-requestid: 35ac1b5b-23d6-42c5-a98a-b3b5e31fe304
x-amzn-trace-id: Root=1-660e165c-26d1a6f43f838f2a2a91b557;Parent=02a12c22b278ce0a;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: VrhubGuSDoEEC_A=
content-length: 30
x-amz-cf-id: sFth4jIStmba1UD86HfKN1dABUigMw7-kbMY-Hrx5_2eLXLx7K8bFA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 249ms
153ms Preflight
application/json 65.9.95.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-107.prg50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 05 Apr 2024 00:58:18 GMT
via: 1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront), 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-apigw-id: VujqvGBlDoEEfKA=
x-amz-cf-id: JbteeLVb5V1g6GruZ1l-wnlbfcLTqH8R7x9VMJaatbQNk6a0DxW6jw==
x-amz-cf-pop: PRG50-C1 PRG50-C1
x-amzn-requestid: 52165d33-a260-4ed9-88fd-089c8c82c6fb
x-cache: Miss from cloudfront

GET
H2 200 postmessage.min.html
va.idp.liveperson.net/postmessage/ Frame B9AE 0
0 433ms
111ms Document
text/html 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1712278698693&loc=https%3A%2F%2Fwww.thenewstribune.com

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: it-IT,it;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding: gzip
content-type: text/html
date: Fri, 05 Apr 2024 00:58:19 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 get_image.aspx
edition.pagesuite-professional.co.uk/ 35 KB
36 KB 285ms
175ms Image
image/jpeg 65.9.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edition.pagesuite-professional.co.uk/get_image.aspx?w=200&pbid=dafd1f4e-1b23-4f7e-9a04-8933e0208fae
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-9.prg50.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 933c7572dff33c3ce87605d13e82587604d8f438c907a983a6f0f42758260e60

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:18 GMT
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
last-modified: Thu, 04 Apr 2024 13:05:25 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: PRG50-C1
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: private
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IuOCtxu0RYs_aHEAPciACb7DRNwEhHQezUyS8h0uXNO_EnRCt-l0pA==

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 116 KB
25 KB 139ms
43ms Script
text/javascript 65.9.94.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-19.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 583c5ab94616caf932d4a62e8a1cd08b41131e2214f54b76ff282246ec880de1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: knQmKqKWzL22_nUQzypljSzZJdbAesMu
content-encoding: gzip
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
date: Thu, 04 Apr 2024 22:13:18 GMT
last-modified: Thu, 28 Mar 2024 14:37:23 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 9902
x-amz-server-side-encryption: AES256
etag: W/"6b9a1ccd970b35475881587b35f424d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
x-amz-cf-id: KnFzdS7wQQpQBew-oG4LH1EufQ1BFYcPTWWiUBeB-rzDbR_ct3Gnwg==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 359ms
127ms Image
image/png 54.231.229.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1d5c59e663ea
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.229.201 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 05 Apr 2024 00:58:20 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: ABS24JHWAVEN2XF7
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: 5e3465wuse9CYDu0m4lgciKtWRvuJkdP3sE2QJYNN6b+hOmfcYL/wyfDubm/wsxi9Zak9Ixet8s=

GET
H2 200 2196236 Show response
va.v.liveperson.net/api/js/ 243 B
1 KB 607ms
253ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/2196236?&cb=lpCb44628x28351&t=sp&ts=1712278698688&pid=2279869997&tid=6635569868&pt=Tacoma%20WA%20Breaking%20News%2C%20Crime%20%26%20More%20%7C%20Tacoma%20News%20Tribune&u=https%3A%2F%2Fwww.thenewstribune.com%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%225977c456-70d1-4eca-b7c4-5670d15eca54%22%2C%22account%22%3A%222196236%22%7D%5D

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

fcb19003d668881c82fe13d804046d5fd2e3cdb820219a7d787296f592ca266c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
682 B 469ms
119ms XHR
text/xml 3.239.232.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.239.232.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-239-232-237.compute-1.amazonaws.com
Software: /
Resource Hash: 67d662cd25558ba673b54a6af757bde8c939661afcd7d2d489ec910920bcd084

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Fri, 05 Apr 2024 00:58:19 GMT
connection: keep-alive
x-amzn-RequestId: 00053820-2d57-596f-86db-66a963bc9c6d
Content-Length: 378
Content-Type: text/xml

GET
H2 200 2196236 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 114ms
114ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/2196236?sid=GYKzHajkTNuOZU7MVgRq6A&cb=lpCb44576x36592&t=pl&ts=1712278699513&pid=2279869997&tid=6635569868&vid=YwZjJhODk3OGM0YzcwOWM1

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

2474a52af6156d70ad7515c8adeac75505b2d635ee81e35a1062db12671fda1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame 8319 62 B
254 B 46ms
45ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=88280&ct=js&pi=&fp=612140c5-3811-418f-89a7-ce101332c9f2&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.thenewstribune.com%2F&pv=1712278697425_65724t2g8&bl=en-us&cb=7162509&return=&ht=&d=&dc=&si=1712278697425_65724t2g8&cid=mi_ti_tnt_612140c5-3811-418f-89a7-ce101332c9f2_1712278696927_1712278696903&s=800x600&rp=https%3A%2F%2Fwww.thenewstribune.com%2F&v=2.7.1.157
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 05 Apr 2024 00:58:20 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
BLOB 200
OK b5967627-953f-49ae-9d27-7bf286badadc Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b5967627-953f-49ae-9d27-7bf286badadc
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44594cae08fc82c90fe3b90cc4ced65626debe72cd5c72afb4871989146d65d1

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 848617d1-5adf-42bc-a79f-6e4a92f1317a Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/848617d1-5adf-42bc-a79f-6e4a92f1317a
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1352d9f19f38565a5a7d98042146852ddc8b5a794e792e56fb1fa75a99e1af63

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 variantTopBarModal.08bd31ff850ae0f066e6.js Show response
www.thenewstribune.com/yoibns-zol/ 67 KB
11 KB 37ms
37ms Script
application/javascript 23.41.180.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/yoibns-zol/variantTopBarModal.08bd31ff850ae0f066e6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-11.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b77c6b9260d230f8517e9f83d146697faa8954c1c0d14c40986e377f58e0da94

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.thenewstribune.com/
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 00:58:23 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 225
x-cachebust
server-timing: ak_p; desc="1712278703015_390277156_465679330_76_10609_9_0_146";dur=1
content-length: 10673
last-modified: Thu, 04 Apr 2024 11:28:25 GMT
server: MI
etag: W/"10c4a-61543a32ea840"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 903495304 905325328
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=560665
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET css
fonts.googleapis.com/ 0
0

GET o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 0
0

OPTIONS httpapi
api2.amplitude.com/2/ Frame 0
0

POST httpapi
api2.amplitude.com/2/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:100,200,300,400,500,600,700

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Domain: api2.amplitude.com
URL: https://api2.amplitude.com/2/httpapi

Domain: api2.amplitude.com
URL: https://api2.amplitude.com/2/httpapi

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
appllnc.robinhood-account.alsoekr.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5dd612aae404af567a86e4aec14ac7e7
.thenewstribune.com/	1970-01-20 19:38:05	Name: ak_bmsc Value: E88E3040803B60DAA4A555BD878F9389~000000000000000000000000000000~YAAQJChDF+5qW5eOAQAAnnXDqxfFId3p6heTuCXXL7SpYXVhqhtDI4baIY5+AjxmgwhRz5GTJ9TjYGq4K3e2qUR9oTSWa+4S3UCJr/htjbyph/OATuF7cIm8fW9JdvI7kenSz5EASwi+OQ5gwkwgVBxibNxsouy6Punxyu4ni1DxItrMiPpsT+g9Vxzw8SabQ8fPyBVgM1Q7IPwwGnXdoxGaobE2gVD1O4pmTIAl42jL6N/g/e/wqt3LcAjOU8/Sxv1HaItdL9Z2Rh9m512XGXeZXuCN9bcV0a5PX/Vky29vXDym8ZFjXhWXtl0tF+gM+jNSfee6mlJRQ1ZKs72lwMznTPaxhcN1yQ87z44iegAAuUohh2PGE02DodynmQcYLLvGoeB4XdRualpskvYpqumNcTlsGI6N4xvuK4os0rmuUrg6UaEnERuJuLk6aEi6T1O+2IfViGB12qVafwIg0HkwqKVN1w==
.thenewstribune.com/	1970-01-21 05:06:46	Name: _awl Value: 2.1712278697.5-fe7711e583aee8bdff2041d5d94a6032-6763652d6575726f70652d7765737431-0
.imrworldwide.com/	1970-01-21 04:59:34	Name: IMRID Value: 96b426a0-f2e7-11ee-b1e6-bbcbe738d9c6
tags.srv.stackadapt.com/	1970-01-21 04:23:34	Name: sa-user-id Value: s%3A0-91262720-6c8e-576a-680e-d94059283e91.uMwK3hxcyVJq8H90RU0NaNsEdEfSURLUmo%2F73ENO8oQ
.srv.stackadapt.com/	1970-01-21 04:23:34	Name: sa-user-id Value: s%3A0-91262720-6c8e-576a-680e-d94059283e91.uMwK3hxcyVJq8H90RU0NaNsEdEfSURLUmo%2F73ENO8oQ
tags.srv.stackadapt.com/	1970-01-21 04:23:34	Name: sa-user-id-v2 Value: s%3AkSYnIGyOV2poDtlAWSg-kZVm7Uw.rYQmAtHlzqlkJVHUyEC1PXqD%2B3mhA9O%2BwlzfeQQy%2B2U
.srv.stackadapt.com/	1970-01-21 04:23:34	Name: sa-user-id-v2 Value: s%3AkSYnIGyOV2poDtlAWSg-kZVm7Uw.rYQmAtHlzqlkJVHUyEC1PXqD%2B3mhA9O%2BwlzfeQQy%2B2U
tags.srv.stackadapt.com/	1970-01-21 04:23:34	Name: sa-user-id-v3 Value: s%3AAQAKIKsx2MSpbOdCLEjbLqrfRInuAsuB8mp2RdOS61xhJWnmEHwYBCCpmb2wBjABOgT7-sM6QgS0r0cu.KCv%2B%2FtErJ%2BRvFClNIiu8fIiyvZ9hnrpr5qXUvaeiPnk
.srv.stackadapt.com/	1970-01-21 04:23:34	Name: sa-user-id-v3 Value: s%3AAQAKIKsx2MSpbOdCLEjbLqrfRInuAsuB8mp2RdOS61xhJWnmEHwYBCCpmb2wBjABOgT7-sM6QgS0r0cu.KCv%2B%2FtErJ%2BRvFClNIiu8fIiyvZ9hnrpr5qXUvaeiPnk
.thenewstribune.com/	1970-01-20 19:38:05	Name: bm_sv Value: D28627980062400DBB0A814188246D9E~YAAQJChDFwFrW5eOAQAA13nDqxflMb+XVmCHZmfevI18eRNtSxHQcufSt2ghOVlXMqbTcJjqRXWN6BKadDrzHL0adX98PdyqCfoI9WIIh/YaLmXEcmKnDzD9vnJvVfPvtKZ7Nv/3FcTpW0wCd7WFChtv20ps8N8HLMFmqgolAfa9DQoI5ZMoofutbcxK2Qnko2jy44diN6Y3bKPolLItFVsT+AECilzwPbsfd5cvNIh4T6rY66jpi5eAB/m7ouepaLhgeNwJn2w=~1

35 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	error	URL: https://www.thenewstribune.com/ Message: Custom state pseudo classes are changing from ":--webkit-scrollbar-track" to ":state(webkit-scrollbar-track)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
javascript	warning	URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thenewstribune.com/yoibns-zol/thenewstribunecore.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://profile-api.amplitude.com/v1/userprofile?device_id=612140c5-3811-418f-89a7-ce101332c9f2&user_id=&comp_id=apflrqef Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
ams-pageview-public.s3.amazonaws.com
api.dsp.mcclatchy.com
api.lab.amplitude.com
api2.amplitude.com
appllnc.robinhood-account.alsoekr.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.keywee.co
cds.connatix.com
cmp.osano.com
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
edge.quantserve.com
edition.pagesuite-professional.co.uk
flowerstreatment.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
htlbid.com
img.connatix.com
js.matheranalytics.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lpcdn.lpsnmedia.net
lptag.liveperson.net
mcclatchy-next-apps-prod.s3.amazonaws.com
ml314.com
profile-api.amplitude.com
region1.analytics.google.com
rules.quantcount.com
sb.scorecardresearch.com
scissorsstatement.com
sdk.iad-05.braze.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
static.adsafeprotected.com
stats.g.doubleclick.net
tags.fullcontact.com
tags.srv.stackadapt.com
thenewstribune.com
va.idp.liveperson.net
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.i.matheranalytics.com
www.mcclatchy-partners.com
www.mcclatchy-wires.com
www.thenewstribune.com
www.theolympian.com
api2.amplitude.com
fonts.googleapis.com
fonts.gstatic.com
tags.fullcontact.com
104.126.37.152
104.18.33.216
104.18.41.104
107.178.250.234
13.32.27.122
13.32.27.47
142.250.184.200
142.250.185.138
142.250.185.163
142.250.185.196
142.250.185.98
142.250.74.206
151.101.66.132
166.108.36.245
172.217.18.99
172.64.144.166
172.64.146.152
173.194.76.157
178.249.97.23
178.249.97.99
18.245.31.100
18.245.31.78
18.66.102.15
18.66.112.27
208.89.12.87
208.89.15.170
216.239.32.36
23.41.180.11
3.160.150.11
3.239.232.237
3.73.232.59
34.111.134.78
34.117.77.79
34.120.154.120
34.160.169.226
35.161.181.150
52.213.253.4
52.216.57.89
52.35.48.138
54.166.51.141
54.231.229.201
65.9.94.19
65.9.94.57
65.9.95.107
65.9.95.111
65.9.95.52
65.9.95.9
89.117.146.210
91.228.74.159
01ad26e5a1b53ef98cc866f1adba993e70b0b9e8c0c95b5fc7c8272c499f71bd
043344f14664fa74b1744cea3730d52f7ce3b72a717ff386e51773c2fca9aad8
049a8a5187a4c95f03cc01d55a6daa270be5b82a711125fdcb1732c84a006f6e
05a2d655ee232563b85387b94ff3afd5caaf74d798d8ade812403145850efdae
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd
08f989ee17cc05199ac13d01a734953dbfec9d20afcf881c9f2fe1b516cfcc2f
096d737de4e9d2ccaf1e6b46be90c8d4cc8e5186e13eb2a0d3936509c3512040
0b7129d7ee51ef87076a357b4879185b775c653742a3548f2b9239bf5702fdd2
0bb3754e5ea2f7bc2ee48c5dd9511630fd8440667c48040c7f7b1ae2cbec4d55
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0f0bd416de7f6d50df9475de213d4f302fa4a511bbb92ea65648ad0201eca29e
0f183d0f4e84ac50c22fe0b6299ec2ca8c664eff2f3c2b13b02a58c0c1bfae2e
127f544fea1f2f0dd61c593422b5ecdde316255c84797d594f168a41bb2d68e1
1352d9f19f38565a5a7d98042146852ddc8b5a794e792e56fb1fa75a99e1af63
16d5275c40737437fb8673e2e76508537d2e890ccf93b793bc8ef439b42bb9ff
18d0bacf49a666542b8bbb6174ed0040dabe6168a449bfa50a5737c3c5c5d4fc
18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c75500024a3c8c767aafcfe7f9855172d55a13fb1abcb1c05d3995be3d49e6d
1dc6e7262014dd38edeba28d24bfd58d9f6cf602d492af2f4728fdab09074892
1e862bf1e216f81d079dc802b0dae8313937d4857175abb0f4706ec8f8f07cdc
20d4c3ced8ad401bc94a381d56881e6d44b4c417fcc3947e6df45a66d27feb0b
20eeb44faf121556f66aa5bda4c3db999a6947f165b904a91d062e95ea0f883b
211dccd9fc71815c1f2a3bf1936f08124aa5e05e3f454837441a55576e3623bb
2474a52af6156d70ad7515c8adeac75505b2d635ee81e35a1062db12671fda1b
2542418fdbee01b2fdbdd86ac037bffd0975ce82ea4a6b20c77d08327a720b36
26244febeabcf33b48f5304d38ed2818bac8bec309ed4c64bcd57bac53bd0a87
28289a2f4966ca287709dc7fda448623ca940527d9df5a2723602b522173196f
2ccf343e4aa7ece32c7e17999731f2e6e85052070c300f11218700365bc1c75a
33560c1b3cdb0f0066d12bc667eaffaeadae008628e5d945d8e8758c0d7859a2
33be8009498ea1eef7cddac48e0d062fef76ec5a3b1a119fd58fb97be2c135b8
370a6a20341c851395f82d70b1d217e2c0c43a786da9586a2e0698dcf358d21a
38304e5c3ca09a804ce4ee00a27b93cd0009e10993a1ab4a42b07b77907695a9
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3fad3989db4364e84fa3adc76cf002739f4c4fdba066eb3c8227bbfcfd736111
4010c084980bf15e2821a537049b206d9d3dc48a5f2805eebff3a9118c55861c
40590b4987c9fd9984baab57acb8a2cfc70f8ec462e58e2c90975d86c30b62c9
4113ffe4bc912a18cc3f528d9d030fd011d99a0bb0109fc5f606e5c90d61420f
423c13eaf2df3fecc7cda2b2532c8ae530c6db03e7aa2356406461293af9f1bb
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44594cae08fc82c90fe3b90cc4ced65626debe72cd5c72afb4871989146d65d1
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4717431cac23d7c95597a40834a132a468724d802c89781c4be11457b2061eca
4a2081804c54778c00a9a7ff954c27f278aa9b6d2883d63974d671a0686171ed
4eed07e8e09e78e67df53181fe755df6dbfa4a57bc2bbd899e8d6a8b7e2d036a
52aaa1abe9c4f150936f6bafd00d5679c57c0d8e23d55a0e085cdc94231ce03c
551af58c2ce33c58ebc151a61b8d1d28e54ab9ce177d4fac749f0ebc50054cb9
57afe71ac655314241050d36be66fba3f3b5baa4f47c41132a6f12603ee0d305
583c5ab94616caf932d4a62e8a1cd08b41131e2214f54b76ff282246ec880de1
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5d0ba219cd1d0a9120a5ba71640a1a056df13752f136476d4058fb55fab809cb
5e33790c4c6d5893103a96a4feb3b597173a66b1d9b3a9051071f9e1d5d4487d
5e7c56225761cba484a505c07320d2814dce443e9c0d77b8dd3f89318d3c9512
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3013245f4ee591e331364ee5044664a65048925168bfee28037bb16082f5b2
628c6c3bdd7c2f5ea63e49790c25eaa4c9f9ad9ae8ba810cd82858f456489064
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65e742611f97345f5613686cc9a6380710bdd29088fe42937639b4b2d40057a4
67d662cd25558ba673b54a6af757bde8c939661afcd7d2d489ec910920bcd084
68b8e71982e93fa7dd2f406283c640fa9e5cb2bcae72669d20f54012c428da3d
6962b66dc626e993060acb3bc1c2ebdc75a90ba20e4d40e94b7e4d6e4ad0c6d4
6a16937c0fd3fc17ce0ac92c46b48049fe0b1f90d6560a77fe3df0c636e22a17
6b40a82f9c863bb6ebcdeffa9f6b9bb1e546639173a6683e7ca79e5eeef90736
6f28aaf1531a9eaf16758dc039f16a49e9e8c8d19a32c28a92b751604fd11fc6
6f7c25f72c00756bccd05b40b0786ac035ebabd3c69b6e67f90ae02a30670e7e
70b914de15dd75628895223bfe09012e3687598bca4dbaa34a97234f6a8826e9
70cd7241d20f03e97a6fd7df65d56f5bd1ba507c2f3862ebaf3249f7206e3ecc
714158968baec7f59fe13f9f42090f4e182e76a5343aebfa037953a80eb72f22
7150e070ea9cffde2556688ca1519d10614a360002cc314e2cf2805e1616bcb7
74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d
7537174223ffff67e8692a645e6161170f0dda4abaa7cde03063070e8a8fedac
75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6
799661126c924c8819eb17ce1da3dc6855bb66060813f2258745b9a98e681b30
7a275930458e5cff6c6205cb1fbd7f1d3b0e2015032356cf230cf4f0b8e26084
7ccd32d3fde65cf4e7cfa1713cf95eaa7a64b270ba67c053cd8c735870862835
7eefee06bdc64fa60ef5e0752071498970f1f5a8d76832bffe09b4f6ce5e1767
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
817875cd68037c353805b105c90fbf96f433f0f26d2d5acbe408eecbe5f7e0ab
83edd69e4ee72c08daf61f8c71942aa328234e3c504c4a56a7f681288dc2e081
86a57504cf0c4719335f01a1eb3403b7c55f06ebcb38428e7368868c843411dd
8856cb0a8fb9615673fae7be84a0bac4128660b2eac4492c648dd38e19746bd8
8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e
900bc17f4833e66506b5c6eb81b411b978b7e3bebab10640beda1eda7088f9db
9038c228c1cf1d0662eef64a02510d249efa1c80968c95e98212884feccaccda
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
933c7572dff33c3ce87605d13e82587604d8f438c907a983a6f0f42758260e60
93462df8fa31117c8fba86ca7468f54dd696d93ee8594ee0ea27c8bb608dcdea
97d000fed506d0fc61c967af53068ca8d303d2399d067aae318c3996e09bcbba
99fdec747b2329d95e5a1eddfa8923d19884f623c531a026ea58a4cdc62747b2
9a4a7896a5b785917bbebe663b9317d7fc4a60a71fbffe55146aa0a313699d97
9a5e1bdbea96f3c5d3c726b22fe2950b290fb6725acfdfc73a2c5a863a018a8a
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
9df45bca75f40361bb4237ecadba9cea31e342d6257b9a2c5909dc3eecd3b5d2
9eeb411ec67a6843976f1f732dbd3e87c3a1eb2c74d0e34352e424913a7e3809
9f44fcd9f7831bb71d00b90300ae65e4d70d966bafb4ca37fc5be5df0d40e1e0
a084cb4687796fe0d8a337abc919d941c9d9b15841988064d984129078b3a548
a092ad0deb0435dd7f254e9bfa95242c2eb8b91796f2326f02087f06248d22be
a1a850fd1774ef1f9ad3314570b39867b72669a78e9dc00c7dbae09e3e81a010
a1bbf311a97d745ee2ad293388c94c5582d1b8b81060548aed6608436f23b9ee
a546948ca66cfdbf989020aa7d713223aea1af40f4f4d1ae93aa519e951e55da
aa0ba3e329b42ad936e98375c23a70c763bc8a9baedce516500f22c38a13c9bc
ab2dbf9a0ed82a1460ff737492fae60343a46c7a427fa5d947af324a44c03681
abe3ac72ebc0a423818ca1b707078688fc103b8c591da65e52fbe603fcc941cc
add88b7a6c32b312e72bfe9f25c06fd369263f949a7390bc27746d165cdadbc0
aeefaae7e90680816ec89d5a80f2e8e9f07ef6a56a1d66fa2f8dc07a8a92b820
aef12165837b623d13889120b8b3435f600065385fb4bd594721e42db2df57be
b10e232b00994b00b71355e84abd64fccf608d5e25df448708f2ef3b430ac7f8
b334d307a7f2e0b9d984abf570ca1db9ee9af3eba9b2fea509bb56a4ac8be0af
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b58b8ca6976b60a8e73fa71bb28b16937f5690209b9c936c6db7bd01cb1cb3b4
b7113fcc4a625bdfc2442cdef2f9b098529638f0b27a067f5dde9b0068c2fe19
b725042d8e83aec9c41bc90a41496bdcac96d450f13fdd011fb866d5c821e701
b77c6b9260d230f8517e9f83d146697faa8954c1c0d14c40986e377f58e0da94
ba362a55b7c5e5a729e631006c70f811f9815df6fed10a8bef33616d8a678fa4
bcb050bac407e09068a654b181d8300c257158f0605c818ab9958985cb652c03
bf381b88aa02e17e8b64a656f06deeda746cf28295e53834f008e02ad07ee5d5
c073b660c35f54f8d5dabdf1bbc7914fbdc02680a6bab2ca243cf0b6ae12eed7
c268f00342a0c6d07503dd18773ae81fe60375f91387d1e5803c5407adccd2e9
c2705632879b9e4cf84ca44ec56248c4e6a28f23f6776f5c442f893c2afc3d66
c3bd4503ec917616ac4669ca690025384c0236a32eab51e826855177613fc91d
c5fe4b16f14fbab784667a876b5b687b1278e692b64a5e5b04e2da18bbd3de52
c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43
c64d35bedcee579a5de631e49efcefd908e944a3fc0e937eccb21cdea40f1240
c7064bdcd04183dae27f707e6805423ccbc56f8ad72df39c63b9019a10a91c8f
c884197b78f7eaa1658d79d3788b3e0f604b2a31cfac8e48a1408b722e2a87a0
c941903fd0e0008296070d47ca240561a8006e92a7af4281afdc0057940cc2b0
ca365f2768229edf4b53e7a7123dc8a9b45bf8edaa0ac04c3c33d858e601abdf
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccf37446ea1ee83a3fce3f04bd63d69bb12d619e8e4c359540df4b94638daf74
cf365b359114dcf46d0d5900d6496f6d03d86444f4a72bb8c9d9a48225e53891
cff127a97aa223e1d9817b69c60c9f981d518821e22e229ab20ef825bc04ff3b
d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a
d172d3fa9e3a275a4c24dfa2f6e93f529f8ce5ac88f40cb0b221a4e8da0a0b91
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d33fe436efda4387ab1cc80a99689b7b504775b2aa828d3e6c48d04ac2369648
d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d722b262f280460d6f3092516abf3ad852bf0f5082e9a9727470be6e8dfef07b
d7bdbba4c2d51d9824f4aefd5897876241e37d083442db4bafc5b1795760f1e3
d8066df3f075ae86ba09a216ad6bf71a22801537b47cb873449c66178b1f0ddc
d8b4c5dd1d5c48f607331cc629d2cdf72311778309e8ff759d0cda3211fb5408
d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb
dc1cc055cf32d9bde0aaa40010601df5967d4fdfc783c3a08c1b55735ad9d3ab
dcece8f7df774b4b978e8cb0bfa09da8ea8de2dd9cdc4deabbf691594ca0ee4e
dd8928e3b759b487ee4418acab498c05884da2da460fb40b89e83c3fd2814c6c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df2957d3c22ec130165e61139a6cd1736c70ef7a241e41f4a90fbc3da022099b
df966430d36d0f9a0c25cb72a40a5f24a4c82d3eebb4a9f51ad563d328487eaf
e02e8bd723bb1f723e0d18042a136c9be7dfa3f40ec42279a2bff7fc047550e1
e33d4565bdbaf2ffd0d9fc9964475d388d74012e261f01975b18705df8041cd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e524b2f3e3e11c7fe8fa9a7fd7975113a32693c05b2b0223ab27aa24f17270d2
e580b0d91f4818660e047e862fea67a19d3015d719c54a4dba25123c06b2f9da
e89e0a03ec1205ef9c3d12072b324dbc59023f41c92f99626becf25de46311b1
ea86b9cd949cd84e852b061861ce571baeaed905cadeae107e28b13250333af9
ed69dc44b5e58d6ac0810c7b45c8b4f8e71c94a983b55ae156a8d036d49e8e4e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a4f275e69e2531611967eca799b51590fdcad36fb0b2f4f1be28806e719c76
f3f8d02a7a7b9fc07dcc70c897787cc409719570b458412f476e9ccd97c7d2d6
f60413dd2940de49e26d7c52c0b49339c08cf94393b5d6930e7817cd829703ab
f6e4be20312e2b84c81275836c74764a61075c14fc7c58073c778e61efd19428
f9113f0b050ab064eea7a54ae3275c58826b11ad63ec77bbf97b47f6d44db977
f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08
fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27
fc877ff7395eccf9a45bf6dcb638011f15c40b568943f95fccbb4401c80b1a89
fcb19003d668881c82fe13d804046d5fd2e3cdb820219a7d787296f592ca266c
fff364aa1827b5ddbba93ef79f83b3f0495e28329d5d44e5e8c57b237ba65a3f

www.thenewstribune.com Open in urlscan Pro 23.41.180.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

222 Requests

75 %HTTPS

0 %IPv6

37 Domains

53 Subdomains

48 IPs

5 Countries

3252 kBTransfer

8511 kBSize

11 Cookies

28 Outgoing links

Page URL History

Redirected requests

222 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thenewstribune.com Open in urlscan Pro
23.41.180.11 Public Scan

Screenshot
Live screenshot

Full Image

222
Requests

75 %
HTTPS

0 %
IPv6

37
Domains

53
Subdomains

48
IPs

5
Countries

3252 kB
Transfer

8511 kB
Size

11
Cookies

222 HTTP transactions
2 data transactions