www.nationalobserver.com Open in urlscan Pro
2606:4700:10::ac43:1aad Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium...
Effective URL:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium...
Submission: On December 09 via api (December 9th 2020, 2:53:46 pm UTC) from DE

Summary HTTP 65 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 65 HTTP transactions. The main IP is 2606:4700:10::ac43:1aad, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nationalobserver.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2020. Valid for: a year.

This is the only time www.nationalobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	2606:4700:10:... 2606:4700:10::ac43:1aad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
65	11

39 2606:4700:10::ac43:1aad (United States)

ASN13335 (CLOUDFLARENET, US)

www.nationalobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

789d7e6933eae34fa23442bda6f5df7e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	nationalobserver.com www.nationalobserver.com	2 MB
6	googlesyndication.com 789d7e6933eae34fa23442bda6f5df7e.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	13 KB
5	tinypass.com experience.tinypass.com cdn.tinypass.com id.tinypass.com buy.tinypass.com	130 KB
4	google-analytics.com www.google-analytics.com	52 KB
3	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	99 KB
2	facebook.com www.facebook.com	311 B
2	facebook.net connect.facebook.net	92 KB
2	googletagmanager.com www.googletagmanager.com	97 KB
1	google.com adservice.google.com	803 B
1	google.ca adservice.google.ca	803 B
65	10

	Domain	Requested by
39	www.nationalobserver.com	www.nationalobserver.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.nationalobserver.com connect.facebook.net
2	connect.facebook.net	www.nationalobserver.com connect.facebook.net
2	experience.tinypass.com	www.nationalobserver.com cdn.tinypass.com
2	www.googletagmanager.com	www.nationalobserver.com www.googletagmanager.com
2	securepubads.g.doubleclick.net	www.nationalobserver.com securepubads.g.doubleclick.net
1	buy.tinypass.com	cdn.tinypass.com
1	id.tinypass.com	cdn.tinypass.com
1	cdn.tinypass.com	experience.tinypass.com
1	789d7e6933eae34fa23442bda6f5df7e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ca	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
65	16

This site contains links to these domains. Also see Links.

Domain
static.nationalobserver.com
www.youtube.com
national-observer.myshopify.com
www.vancouverobserver.com
canadianjournalism.ca
www.facebook.com
twitter.com
instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-03` - `2021-08-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.google.ca GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
Frame ID: EE6816C53569A9D1D1FF1905CA0FFBA6
Requests: 63 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 1C53E14B38D1CA72338287AA699D02AC
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2R0W-CMBDG_5c-26QtBUvf2EaULOrM1DneCpxQA5VBQZNl__uQzC1L9rB7u_t93-Xy3TtSOkMSxX7Sd0_B_WuAJqhWOew0nKMrYYQRTBkmPqYudh3MBHZ8it3q4tgsXO3oeTM3aYw98DyRKEqzLD2AAJ6RAzhKcA4qUSQbFsOlhkaDSWFcHe7FMl7MXmaPUfSLhhdIO6tPZpTRhAvrC1LkmAzFrJ72p6oAo3Kj2qNti0Lnv_xB-m1ui9N5A1VdKgt07m-JeIi3S_eOeYOjUO2NIWmbDibIfvWjebXx9zxaLOj6OUQ_bKcarYy9SkxXlhOUqqpWOjftbdDrVo8c9fjvAB0sgnVxzDvgILxi_9b_J0BdXz-iCJX8ICT1mXQ55VKygXUtNEEOxg6SrEqv99oSSeqRqUcZIeLjE9zi2zLtAQAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I9lst30YJriZm8Pc68ZYvkrWGrWtrwEFOZdnuVIMV0BUMN21RhEc7hA_XGWDiJey6c1OUuo7aLiCYHGIxEx4hBMGoqTidjcVU4CyBalhs_GUCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-v9ZjW&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3D2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2c21a96285-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-09-15-53-28-391-5mx3tdEOV1wTHncZ-6e668ba11ddcfe8e4d0fe3a844eaba0d&visitId=v-2020-12-09-15-53-28-393-8AQhjgue4e86hXqv-6e668ba11ddcfe8e4d0fe3a844eaba0d&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=e1a37f7369
Frame ID: 1DD23F876DDF8DCB0E4A0ED846CDA955
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

65
Requests

100 %
HTTPS

91 %
IPv6

10
Domains

16
Subdomains

11
IPs

4
Countries

2630 kB
Transfer

4147 kB
Size

9
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://static.nationalobserver.com/digital-fractures?utm_source=website&utm_medium=home_cta&utm_campaign=regular&utm_content=button&utm_term=digital_fractures
Title: Download

Search URL Search Domain Scan URL

URL: https://static.nationalobserver.com/digital-fractures?piano_status=logged_in&utm_source=website&utm_medium=home_cta&utm_campaign=regular&utm_content=button&utm_term=digital_fractures_sub
Title: Download

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=OaFnZ2rt1hw
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=zi6ae6kZNqE
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://national-observer.myshopify.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.vancouverobserver.com/
Title: VO

Search URL Search Domain Scan URL

URL: https://canadianjournalism.ca/
Title: CCJ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nationalobserver

Search URL Search Domain Scan URL

URL: https://twitter.com/NatObserver

Search URL Search Domain Scan URL

URL: https://www.youtube.com/nationalobserver

Search URL Search Domain Scan URL

URL: https://instagram.com/natobserver/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/national-observer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.nationalobserver.com/ 76 KB
16 KB 1199ms
1173ms Document
text/html 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4033fe125bc4912b399636e14b7ef202fe63b3b5cd50f1c094da1695270d878e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.nationalobserver.com
:scheme: https
:path: /?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:53:27 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d96bd36ce18645a941539b42249753e531607525606; expires=Fri, 08-Jan-21 14:53:26 GMT; path=/; domain=.nationalobserver.com; HttpOnly; SameSite=Lax
x-drupal-cache: MISS
x-content-type-options: nosniff
content-language: en
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-generator: Drupal 7 (http://drupal.org)
link: <https://www.nationalobserver.com/front>; rel="canonical",<https://www.nationalobserver.com/front>; rel="shortlink",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/favicon.ico>; rel="shortcut icon",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/icon-192x192.png>; rel="icon_192x192",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-iphone-114x114.png>; rel="apple-touch-icon-precomposed_114x114",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-ipad-144x144.png>; rel="apple-touch-icon-precomposed_144x144",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-ipad-152x152.png>; rel="apple-touch-icon-precomposed_152x152",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-iphone-180x180.png>; rel="apple-touch-icon-precomposed_180x180"
cache-control: public, max-age=300
expires: Sun, 19 Nov 1978 05:00:00 GMT
vary: Cookie,Accept-Encoding
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=63072000
last-modified: Wed, 09 Dec 2020 14:53:26 GMT
x-varnish: 34695898
age: 0
via: 1.1 varnish (Varnish/5.0)
x-varnish-cache: MISS
cf-cache-status: DYNAMIC
cf-request-id: 06e9973b7300001f393ba0c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5fef8e3f1bad1f39-FRA
content-encoding: br

GET
H2 200 proxima-nova-bold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ 22 KB
22 KB 729ms
728ms Font
text/plain 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/proxima-nova-bold.woff2

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd0a50b9c36bd8e504951a962763814e3418ef6d5b746e2802d0aec962a474a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 09 Dec 2020 14:53:28 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=63072000
content-length: 22128
cf-request-id: 06e997400c00001f39ef33b000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011789 14480837
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5fef8e467ca01f39-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 proxima-nova-regular.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/ 21 KB
21 KB 710ms
709ms Font
text/plain 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/proxima-nova-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3e9edd59000085678cdc16c87a70b76b869c7010948cfe01aaf891e8b8d6478

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 09 Dec 2020 14:53:28 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=63072000
content-length: 21700
cf-request-id: 06e997400c00001f391c0a2000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 29505681 24110464
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5fef8e467ca51f39-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 proxima-nova-extrabold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/ 22 KB
22 KB 713ms
713ms Font
text/plain 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/proxima-nova-extrabold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c10dda92767ee7e5a9018e3085b03074060ca0318b7ea5b5cccd03d06e90f0c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 09 Dec 2020 14:53:28 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=63072000
content-length: 22404
cf-request-id: 06e997400c00001f395b80b000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 29906689 23950002
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5fef8e467caa1f39-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ 15 KB
4 KB 12ms
12ms Stylesheet
text/css 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2962988
cf-ray: 5fef8e467cae1f39-FRA
strict-transport-security: max-age=63072000
content-length: 3972
cf-request-id: 06e997400d00001f39e4915000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 20750402 23504547
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: text/css

GET
H2 200 css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__y-ufwb3uKgCcPsIn_H8UGQTTP2S-VQ9rfi3tf615AK8__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ 215 KB
30 KB 13ms
13ms Stylesheet
text/css 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__y-ufwb3uKgCcPsIn_H8UGQTTP2S-VQ9rfi3tf615AK8__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88400ee72941490b27858e2378dcfc56b3a2521141bb13e1c65c606c85a51ae4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63713
cf-ray: 5fef8e467cb01f39-FRA
strict-transport-security: max-age=63072000
content-length: 30097
cf-request-id: 06e997400d00001f3957290000000001
last-modified: Tue, 08 Dec 2020 20:59:20 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 35322258 42488247
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: text/css

GET
H2 200 js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__Qhea6RDplNJ2pLQvmyQAVJRF1pEtraO0RE_qIilM6Fc__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 55 KB
19 KB 23ms
23ms Script
application/javascript 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__Qhea6RDplNJ2pLQvmyQAVJRF1pEtraO0RE_qIilM6Fc__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c26421e16e6e09907c2ca663f148367c7d335758ef92ce4fa51a75f5fcd06ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 54783
cf-ray: 5fef8e467cb21f39-FRA
strict-transport-security: max-age=63072000
content-length: 18898
cf-request-id: 06e997400e00001f3916bdb000000001
last-modified: Tue, 08 Dec 2020 23:40:05 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 43816687 43777972
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 6 KB
2 KB 24ms
23ms Script
application/javascript 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 547103
cf-ray: 5fef8e48185d1f39-FRA
strict-transport-security: max-age=63072000
content-length: 2234
cf-request-id: 06e997411100001f39f6ae5000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 36891543
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 3 KB
1 KB 18ms
16ms Script
application/javascript 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 461466
cf-ray: 5fef8e48185e1f39-FRA
strict-transport-security: max-age=63072000
content-length: 1080
cf-request-id: 06e997411100001f3908183000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39688533 38848692
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 lji_canada.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/ 103 KB
42 KB 28ms
26ms Image
image/svg+xml 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/lji_canada.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 09 Dec 2020 14:53:27 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2742
cf-ray: 5fef8e48185f1f39-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06e997411100001f39ff92e000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011794
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 167 KB
57 KB 21ms
19ms Script
application/javascript 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1091064
cf-ray: 5fef8e4818551f39-FRA
strict-transport-security: max-age=63072000
content-length: 58590
cf-request-id: 06e997410f00001f394e176000000001
last-modified: Thu, 26 Nov 2020 23:29:21 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 31235036 31268442
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 79 KB
22 KB 14ms
12ms Script
application/javascript 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1091064
cf-ray: 5fef8e4818571f39-FRA
strict-transport-security: max-age=63072000
content-length: 22203
cf-request-id: 06e997411000001f39e386b000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 29906692 23949604
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 8 KB
3 KB 20ms
18ms Script
application/javascript 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1091064
cf-ray: 5fef8e4818581f39-FRA
strict-transport-security: max-age=63072000
content-length: 2871
cf-request-id: 06e997411000001f392535c000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 31235038 24110414
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 24 KB
7 KB 14ms
13ms Script
application/javascript 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1091064
cf-ray: 5fef8e4818591f39-FRA
strict-transport-security: max-age=63072000
content-length: 7105
cf-request-id: 06e997411000001f395729c000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 20149087 23949976
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 31 KB
9 KB 15ms
14ms Script
application/javascript 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 461466
cf-ray: 5fef8e48185b1f39-FRA
strict-transport-security: max-age=63072000
content-length: 8727
cf-request-id: 06e997411000001f390214a000000001
last-modified: Fri, 27 Nov 2020 02:10:44 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39946045
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 pubads_impl_2020120201.js Show response
securepubads.g.doubleclick.net/gpt/ 278 KB
98 KB 124ms
60ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__Qhea6RDplNJ2pLQvmyQAVJRF1pEtraO0RE_qIilM6Fc__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

05512d815f46a3dd0e9aaa163dad6808ea2c7d43c89fe74b821c879c4b1b5046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Dec 2020 14:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 09:38:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100031
x-xss-protection: 0
expires: Wed, 09 Dec 2020 14:53:27 GMT

GET
H2 200 logo_header.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ 6 KB
3 KB 731ms
731ms Image
image/svg+xml 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/logo_header.svg

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__y-ufwb3uKgCcPsIn_H8UGQTTP2S-VQ9rfi3tf615AK8__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__y-ufwb3uKgCcPsIn_H8UGQTTP2S-VQ9rfi3tf615AK8__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 09 Dec 2020 14:53:28 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-ray: 5fef8e4828731f39-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06e997411500001f39fd3a8000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 20149092 28765569
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 129899323_1816723351825205_5622438120029183812_o.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/12/08/ 489 KB
490 KB 1128ms
1126ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/12/08/129899323_1816723351825205_5622438120029183812_o.jpg?itok=gVOK_mtk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3591b9c5a03ac3bb721111a4ec2ccdbfb2e576359cf30a40ac290c6534a6f359

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 500728
cf-request-id: 06e997417300001f39e4326000000001
last-modified: Tue, 08 Dec 2020 21:48:16 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 43830664 43546541
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48b9bc1f39-FRA

GET
H2 200 stpaulsmagog.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2020/12/08/ 163 KB
163 KB 21ms
19ms Image
image/webp 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2020/12/08/stpaulsmagog.jpg?itok=yys2aA2e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16187dfe884b1244fc670e9c6ceda2077b9242e185a922858d89430b5a2cb408

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 646
cf-polished: qual=85, origFmt=jpeg, origSize=861915
content-type: image/webp
content-disposition: inline; filename="stpaulsmagog.webp"
vary: Accept
content-length: 166534
cf-request-id: 06e997417400001f39513f9000000001
last-modified: Wed, 09 Dec 2020 13:33:09 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 42791617 34695401
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48b9be1f39-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bob_chamberlin_1_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/ 42 KB
42 KB 19ms
17ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/bob_chamberlin_1_0.jpg?itok=Wka0xJXY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc31ba9679d15cec76b776d18772810d47e31b6e1691ddf43405b285846e93c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 09 Dec 2020 14:53:27 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2742
cf-polished: degrade=85, origSize=202407, status=webp_bigger
cf-ray: 5fef8e48b9bf1f39-FRA
strict-transport-security: max-age=63072000
content-length: 43118
cf-request-id: 06e997417400001f394793a000000001
last-modified: Wed, 09 Dec 2020 11:12:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 44389638 42789666
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 09eb0fa8-cce5-4899-80c6-f42508aa27bb_1_105_c.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/ 135 KB
136 KB 19ms
17ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/09eb0fa8-cce5-4899-80c6-f42508aa27bb_1_105_c.jpeg?itok=dWmchoi0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

539f06c01e2562f70e1f7bf8f6ade76f0dc6d1c08cc2896c1a37b0706bcc5556

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2742
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 138677
cf-request-id: 06e997417400001f394db19000000001
last-modified: Wed, 09 Dec 2020 11:12:17 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 40565067 44389481
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48b9c21f39-FRA

GET
H2 200 191120_canadianministryswearingin_chrystiafreeland_0110.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/ 11 KB
11 KB 18ms
16ms Image
image/webp 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/191120_canadianministryswearingin_chrystiafreeland_0110.jpg?itok=EJF-0kL1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04a376be9e39fd437c6ee5153f2bcb5ec34c12b7a0fec0daf8b8dfe052a39b24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2742
cf-polished: qual=85, origFmt=jpeg, origSize=103056
content-type: image/webp
content-disposition: inline; filename="191120_canadianministryswearingin_chrystiafreeland_0110.webp"
vary: Accept
content-length: 11274
cf-request-id: 06e997417400001f39fd3b6000000001
last-modified: Wed, 09 Dec 2020 11:13:22 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 44677919 44677805
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48b9c41f39-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 35919357966_a4f30ff467_k.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/07/ 142 KB
142 KB 1074ms
1073ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/07/35919357966_a4f30ff467_k.jpg?itok=BH8EV7z-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2f67713b106de5d6d770aabe74f911653c1ee10b4d714aa72ae0301ba666f7e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 145334
cf-request-id: 06e997417500001f394abba000000001
last-modified: Wed, 09 Dec 2020 13:31:53 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34695912 43546625
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48b9c61f39-FRA

GET
H2 200 2020120812128-5fcfb3d1838adb976f21fa59jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/09/ 70 KB
70 KB 1037ms
1032ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/09/2020120812128-5fcfb3d1838adb976f21fa59jpeg.jpg?itok=-WoacsCL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b380f1f70920f1ffcaba1684649f8ff086f2af496ff933b3562abed9b3fe2f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 71231
cf-request-id: 06e997418400001f390f270000000001
last-modified: Wed, 09 Dec 2020 14:04:15 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 44904212
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48d9e71f39-FRA

GET
H2 200 20201208171252-5fd0045e10f615321e12660ejpeg_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/09/ 106 KB
106 KB 1067ms
1063ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/09/20201208171252-5fd0045e10f615321e12660ejpeg_0.jpg?itok=4YChMEr7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb53ccb19a5601db9a075a9e525bec51bc8c84fb2bc04b653d84c78165eb5232

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 108808
cf-request-id: 06e997418400001f394db1b000000001
last-modified: Wed, 09 Dec 2020 14:00:40 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 44720215
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48d9eb1f39-FRA

GET
H2 200 2020120820124-5fd022bda15c0750b055789djpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/09/ 15 KB
15 KB 16ms
11ms Image
image/webp 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/09/2020120820124-5fd022bda15c0750b055789djpeg.jpg?itok=OlgxYK3l

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8595d15f6bd9fbee30c4a99936fa5ea3cb9db7c73e7d2fe7eb68236e7a8c2e05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 613
cf-polished: qual=85, origFmt=jpeg, origSize=96511
content-type: image/webp
content-disposition: inline; filename="2020120820124-5fd022bda15c0750b055789djpeg.webp"
vary: Accept
content-length: 15228
cf-request-id: 06e997418400001f39f6af2000000001
last-modified: Wed, 09 Dec 2020 13:46:19 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 45645844 45068364
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48d9ec1f39-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 20201208161236-5fcff22410f615321e124f0bjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/09/ 77 KB
78 KB 1080ms
1076ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/09/20201208161236-5fcff22410f615321e124f0bjpeg.jpg?itok=grmqAoBN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54aedd865887ca5911bf02e3a2674501f38a4a2a54fb89ec20234817812e1a90

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 79310
cf-request-id: 06e997418400001f3919264000000001
last-modified: Wed, 09 Dec 2020 13:40:59 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 43546807 45175303
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48d9ee1f39-FRA

GET
H2 200 20201208111252-5fcfb01ba15c0750b054f70cjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/ 9 KB
10 KB 18ms
14ms Image
image/webp 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/20201208111252-5fcfb01ba15c0750b054f70cjpeg.jpg?itok=Y06YwzrT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb77f49af4364ec8ccc511bb79dcc8412ae488d1da787d1a6f266992733e17de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2697
cf-polished: qual=85, origFmt=jpeg, origSize=82291
content-type: image/webp
content-disposition: inline; filename="20201208111252-5fcfb01ba15c0750b054f70cjpeg.webp"
vary: Accept
content-length: 9684
cf-request-id: 06e997418500001f394abbb000000001
last-modified: Tue, 08 Dec 2020 21:44:57 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 22662445 44829893
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48d9ef1f39-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 20201207181244-5fcebf204f7002117e5d2d5djpeg_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/ 71 KB
71 KB 1048ms
1044ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/20201207181244-5fcebf204f7002117e5d2d5djpeg_0.jpg?itok=S9ZZO8p6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b51434614179f34fdaeaf1ce94531ac6734a5f8a10c16c96dcac41e845c36c38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 72477
cf-request-id: 06e997418500001f39e3879000000001
last-modified: Tue, 08 Dec 2020 21:32:04 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 45484979
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48d9f11f39-FRA

GET
H2 200 20201207171224-5fceaba8f0eecdad4adda019jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/ 33 KB
34 KB 20ms
15ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/20201207171224-5fceaba8f0eecdad4adda019jpeg.jpg?itok=EZchNIGl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9762ac040c8b96b6bc6faa14d53fccad7a2e9c0fc60cd12bdf375a084ecdeebc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 09 Dec 2020 14:53:27 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2696
cf-polished: degrade=85, origSize=158651, status=webp_bigger
cf-ray: 5fef8e48d9f21f39-FRA
strict-transport-security: max-age=63072000
content-length: 34074
cf-request-id: 06e997418500001f39f9a3a000000001
last-modified: Tue, 08 Dec 2020 14:08:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 35251889 34337691
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 20201126131136-5fbff652f31580445765fd2cjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ 8 KB
9 KB 21ms
16ms Image
image/webp 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/20201126131136-5fbff652f31580445765fd2cjpeg.jpg?itok=hnyxITGN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d5c93fcb4408fd3327e4ede9a810f687e1cfb24fc64d0e6e33669a9ea0eb539

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2696
cf-polished: qual=85, origFmt=jpeg, origSize=83395
content-type: image/webp
content-disposition: inline; filename="20201126131136-5fbff652f31580445765fd2cjpeg.webp"
vary: Accept
content-length: 8622
cf-request-id: 06e997418500001f3927b68000000001
last-modified: Fri, 27 Nov 2020 13:56:20 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 43054916 43054879
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48d9f31f39-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 20201207121256-5fce6d004f7002117e5cbd4fjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/ 35 KB
35 KB 19ms
15ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/20201207121256-5fce6d004f7002117e5cbd4fjpeg.jpg?itok=SXgPB7W3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c9090870220f24f65a57b343dccad884ddf94e0141124095963ecf944da4eba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 09 Dec 2020 14:53:27 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2696
cf-polished: degrade=85, origSize=166272, status=webp_bigger
cf-ray: 5fef8e48d9f51f39-FRA
strict-transport-security: max-age=63072000
content-length: 35473
cf-request-id: 06e997418500001f3916805000000001
last-modified: Tue, 08 Dec 2020 14:01:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34337759 44373048
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 20201124111128-5fbd35152735c6ba3cf96268jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/25/ 9 KB
9 KB 20ms
16ms Image
image/webp 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/25/20201124111128-5fbd35152735c6ba3cf96268jpeg.jpg?itok=jsgW2AWa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23f2fe4a8cf04d79c520482f62c4f345091ce8bc0077c4114b20b67cbe5c4ab4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2692
cf-polished: qual=85, origFmt=jpeg, origSize=81061
content-type: image/webp
content-disposition: inline; filename="20201124111128-5fbd35152735c6ba3cf96268jpeg.webp"
vary: Accept
content-length: 8940
cf-request-id: 06e997418500001f392536a000000001
last-modified: Wed, 25 Nov 2020 20:23:04 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 44373059 34337711
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48d9f61f39-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 20201207181244-5fcebf204f7002117e5d2d5djpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/ 10 KB
10 KB 20ms
17ms Image
image/webp 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/08/20201207181244-5fcebf204f7002117e5d2d5djpeg.jpg?itok=N0ub6gA7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a9305d86167d83fe61621da34afbc2c9be944f6e57f8a9b9759621f7dc28b51

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2692
cf-polished: qual=85, origFmt=jpeg, origSize=72477
content-type: image/webp
content-disposition: inline; filename="20201207181244-5fcebf204f7002117e5d2d5djpeg.webp"
vary: Accept
content-length: 9958
cf-request-id: 06e997418600001f391217c000000001
last-modified: Tue, 08 Dec 2020 13:51:05 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 44023286 44023161
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48d9f71f39-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 img_9744.jpeg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/06/ 19 KB
19 KB 46ms
43ms Image
image/webp 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/12/06/img_9744.jpeg?itok=jg4SpAiO

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f2ec120e9b9f6692b0c741b2e1e25e76a6592be7984de8c2bbaa86713d47eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2692
cf-polished: qual=85, origFmt=jpeg, origSize=117368
content-type: image/webp
content-disposition: inline; filename="img_9744.webp"
vary: Accept
content-length: 19724
cf-request-id: 06e997418600001f390a0fc000000001
last-modified: Tue, 08 Dec 2020 11:13:22 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 43851435 44404058
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48d9f91f39-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 logo_footer.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ 6 KB
3 KB 707ms
707ms Image
image/svg+xml 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/logo_footer.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__y-ufwb3uKgCcPsIn_H8UGQTTP2S-VQ9rfi3tf615AK8__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 09 Dec 2020 14:53:28 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-ray: 5fef8e48d9ff1f39-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06e997418900001f39f280a000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011806 31235028
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 201204_women_jobs.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/12/04/ 315 KB
316 KB 24ms
23ms Image
image/webp 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/12/04/201204_women_jobs.png?itok=iiY2ShwH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f7608c56d63db31eee66779e29204de79023aae501d31e8a51477b69fad5f6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2692
cf-polished: origFmt=png, origSize=473286
content-type: image/webp
content-disposition: inline; filename="201204_women_jobs.webp"
vary: Accept
content-length: 322604
cf-request-id: 06e997419d00001f392806d000000001
last-modified: Tue, 08 Dec 2020 16:50:24 GMT
server: cloudflare
date: Wed, 09 Dec 2020 14:53:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 44669416 44669301
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fef8e48fa2d1f39-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/ 36 KB
36 KB 14ms
13ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg?itok=_-yTTlhZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fc9efbd7e62f925da9298da7d58262e218a4698a6b5f2f46a6b09f7e963b6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Wed, 09 Dec 2020 14:53:27 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2692
cf-polished: degrade=85, origSize=191635, status=webp_bigger
cf-ray: 5fef8e48fa2f1f39-FRA
strict-transport-security: max-age=63072000
content-length: 36552
cf-request-id: 06e997419e00001f39340e6000000001
last-modified: Tue, 05 Nov 2019 01:58:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 40405994 39562648
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 bugaboo_creek_clearcut.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ 31 KB
32 KB 15ms
14ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/bugaboo_creek_clearcut.jpg?itok=dENkuCMc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 09 Dec 2020 14:53:27 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2691
cf-polished: degrade=85, origSize=144624, status=webp_bigger
cf-ray: 5fef8e48fa301f39-FRA
strict-transport-security: max-age=63072000
content-length: 32128
cf-request-id: 06e997419e00001f393baa9000000001
last-modified: Mon, 26 Oct 2020 12:52:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 29692636
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 img_9448.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ 30 KB
30 KB 30ms
30ms Image
image/jpeg 2606:4700:10::ac43:1aad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/img_9448.jpg?itok=-hBaZ1RN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1aad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 09 Dec 2020 14:53:27 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2691
cf-polished: degrade=85, origSize=141104, status=webp_bigger
cf-ray: 5fef8e48fa331f39-FRA
strict-transport-security: max-age=63072000
content-length: 30428
cf-request-id: 06e997419e00001f3915b4b000000001
last-modified: Fri, 23 Oct 2020 16:37:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 39947274
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
46 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa336c22fb857f287979cb63c18ab317a71ae635a84f7d44287d0e8f3329b53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:53:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46571
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Dec 2020 14:53:27 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 434ms
417ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=Z9bvuPACYA

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:53:28 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06e99741ca0000323301a65000000001
x-request-id: C4pu2lqex4l
wn: prod-exp-10-0-119-169
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 5fef8e4948923233-FRA
expires: Wed, 09 Dec 2020 15:23:28 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TNN7SJH0J9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

add6bfcca0649df5bff89bcfbf5e4c18cecdbcc14a80b326b50965e6a978df0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:53:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52254
x-xss-protection: 0
expires: Wed, 09 Dec 2020 14:53:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 217
date: Wed, 09 Dec 2020 14:49:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 09 Dec 2020 16:49:50 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: QsJDhQknylfKZIvG5Kg+kKlDDRTETrwyQZimAldouFyULiQTLxgJ4lc3uome4Jcf+51ntuu0ilXR2WH2x1RuUQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 09 Dec 2020 14:53:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 161351677799122 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 65ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/161351677799122?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: QNNvMP43YP+YFq0q7DKeDIzCraL1+JvD+RUo7mBSGK/SvuFyA2DW32LwjIv0kG61uvcETcQlfOIV9rZSerpaOg==
x-fb-trip-id: 664085054
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 09 Dec 2020 14:53:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1747440604
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 85 KB
34 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WFJVCJJ&t=gtm2&cid=1551612221.1607525608

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19aaf2746e45e4a958e7f3f48d8237fb04775373e2ff587be41c0fb0a0f1180f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:53:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34512
x-xss-protection: 0
last-modified: Wed, 09 Dec 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Dec 2020 14:53:27 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
70 B 13ms
13ms Other
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TNN7SJH0J9&gtm=2oebu0&_p=523278655&sr=1600x1200&ul=en-us&cid=1551612221.1607525608&_s=1&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2c21a96285-277178234&dr=&dt=Home%20%7C%20National%20Observer&sid=1607525607&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TNN7SJH0J9&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 14:53:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=523278655&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2c21a96285-277178234&ul=en-us&de=UTF-8&dt=Home%20%7C%20National%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=348182414&gjid=500120789&cid=1551612221.1607525608&tid=UA-59182232-1&_gid=1552652236.1607525608&_r=1&gtm=2wgbu0K2JMB7M&z=717526796

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 14:53:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
91 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-59182232-1&cid=1551612221.1607525608&jid=348182414&gjid=500120789&_gid=1552652236.1607525608&_u=aGDAAEACQAAAAC~&z=735682629

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Dec 2020 14:53:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.nationalobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 14:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 37ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nationalobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 14:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
1003 B 98ms
67ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1541816685268248&correlator=588408845491910&output=ldjh&impl=fifs&eid=21069140&vrg=2020120201&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201209&iu_parts=1086440%2Cnatobs_main_body_bottom%2Cnatobs_main_body_middle%2Cnatobs_main_body_top&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3&prev_iu_szs=970x250%7C728x90%2C970x250%7C728x90%2C970x250%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1607525606&dt=1607525608060&dlt=1607525607431&idt=252&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C315&adys=4073%2C3413%2C1862&adks=2171609318%2C1768474810%2C3015429365&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2c21a96285-277178234&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C1600x250&msz=1600x250%7C1600x250%7C1600x250&ga_vid=1551612221.1607525608&ga_sid=1607525608&ga_hid=523278655&ga_cid=1552652236.1607525608&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

2492d6bc2d1ef28c27174976842633a8f99beb92a8c0aa39eaa9d440e1374032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 274
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
789d7e6933eae34fa23442bda6f5df7e.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 95ms
39ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://789d7e6933eae34fa23442bda6f5df7e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=161351677799122&ev=PageView&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2c21a96285-277178234&rl=&if=false&ts=1607525608099&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607525608097.809522284&it=1607525607955&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:53:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 09 Dec 2020 14:53:28 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 393 KB
124 KB 26ms
24ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=Z9bvuPACYA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09366ab556332ac30a3e256e5c40b8c2d459f17a0a28cc188b7f84ca46ec014f

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:53:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06e997436d0000323369273000000001
wn: prod-dash-10-0-125-59
last-modified: Tue, 08 Dec 2020 16:54:22 GMT
server: cloudflare
etag: W/"402547-1607446462000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 5fef8e4bee873233-FRA
expires: Wed, 09 Dec 2020 14:58:28 GMT

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 209 B
978 B 135ms
126ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery1124048197091214757815_1607525608368&client_id=Z9bvuPACYA&token=&site=https%3A%2F%2Fwww.nationalobserver.com&_=1607525608369

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d495b25bbd3acdf0f7ce1790b643b0dc549caf60db8d24c61b233a2929bb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:53:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06e997440e000032331801f000000001
x-request-id: C4pu2lqDdh8
pragma: no-cache
wn: prod-id-10-0-81-113
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.003
cf-ray: 5fef8e4ce8f73233-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 7 KB
3 KB 249ms
249ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=Z9bvuPACYA

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4398912a2d5f1bb8e5c29eb814d5c0f5545ab3a20a69d40ae623be24e72f973e

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 09 Dec 2020 14:53:28 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06e99744960000323301ab1000000001
x-request-id: C4pu2lqA1Zw
pragma: no-cache
wn: prod-exp-10-200-142-165
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fef8e4dbb1c3233-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
20ms XHR
application/json 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dadbdcd29e3a4e7f1107e64bb1d8cc9bde3e0358bff13e5618e52e995f1fdc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Dec 2020 14:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6345
x-xss-protection: 0

POST
H2 200 /
www.facebook.com/tr/ 0
54 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarypn62ub9wS9ieIEqy

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 09 Dec 2020 14:53:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 14:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 09 Dec 2020 14:53:28 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 1C53 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 09 Dec 2020 13:52:21 GMT
expires: Thu, 09 Dec 2021 13:52:21 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3667
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show
buy.tinypass.com/checkout/template/ Frame 1DD2 0
0 152ms
144ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2R0W-CMBDG_5c-26QtBUvf2EaULOrM1DneCpxQA5VBQZNl__uQzC1L9rB7u_t93-Xy3TtSOkMSxX7Sd0_B_WuAJqhWOew0nKMrYYQRTBkmPqYudh3MBHZ8it3q4tgsXO3oeTM3aYw98DyRKEqzLD2AAJ6RAzhKcA4qUSQbFsOlhkaDSWFcHe7FMl7MXmaPUfSLhhdIO6tPZpTRhAvrC1LkmAzFrJ72p6oAo3Kj2qNti0Lnv_xB-m1ui9N5A1VdKgt07m-JeIi3S_eOeYOjUO2NIWmbDibIfvWjebXx9zxaLOj6OUQ_bKcarYy9SkxXlhOUqqpWOjftbdDrVo8c9fjvAB0sgnVxzDvgILxi_9b_J0BdXz-iCJX8ICT1mXQ55VKygXUtNEEOxg6SrEqv99oSSeqRqUcZIeLjE9zi2zLtAQAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I9lst30YJriZm8Pc68ZYvkrWGrWtrwEFOZdnuVIMV0BUMN21RhEc7hA_XGWDiJey6c1OUuo7aLiCYHGIxEx4hBMGoqTidjcVU4CyBalhs_GUCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-v9ZjW&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3D2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2c21a96285-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-09-15-53-28-391-5mx3tdEOV1wTHncZ-6e668ba11ddcfe8e4d0fe3a844eaba0d&visitId=v-2020-12-09-15-53-28-393-8AQhjgue4e86hXqv-6e668ba11ddcfe8e4d0fe3a844eaba0d&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=e1a37f7369

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OT9X4IMM1QSE&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2R0W-CMBDG_5c-26QtBUvf2EaULOrM1DneCpxQA5VBQZNl__uQzC1L9rB7u_t93-Xy3TtSOkMSxX7Sd0_B_WuAJqhWOew0nKMrYYQRTBkmPqYudh3MBHZ8it3q4tgsXO3oeTM3aYw98DyRKEqzLD2AAJ6RAzhKcA4qUSQbFsOlhkaDSWFcHe7FMl7MXmaPUfSLhhdIO6tPZpTRhAvrC1LkmAzFrJ72p6oAo3Kj2qNti0Lnv_xB-m1ui9N5A1VdKgt07m-JeIi3S_eOeYOjUO2NIWmbDibIfvWjebXx9zxaLOj6OUQ_bKcarYy9SkxXlhOUqqpWOjftbdDrVo8c9fjvAB0sgnVxzDvgILxi_9b_J0BdXz-iCJX8ICT1mXQ55VKygXUtNEEOxg6SrEqv99oSSeqRqUcZIeLjE9zi2zLtAQAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I9lst30YJriZm8Pc68ZYvkrWGrWtrwEFOZdnuVIMV0BUMN21RhEc7hA_XGWDiJey6c1OUuo7aLiCYHGIxEx4hBMGoqTidjcVU4CyBalhs_GUCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-v9ZjW&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3D2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2c21a96285-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-12-09-15-53-28-391-5mx3tdEOV1wTHncZ-6e668ba11ddcfe8e4d0fe3a844eaba0d&visitId=v-2020-12-09-15-53-28-393-8AQhjgue4e86hXqv-6e668ba11ddcfe8e4d0fe3a844eaba0d&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=e1a37f7369
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234

Response headers

date: Wed, 09 Dec 2020 14:53:29 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.007
set-cookie: LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-95-165
x-forwarded-https: on
x-request-id: C4pu2lqGAGX
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-request-id: 06e99745b7000032335d0cd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5fef8e4f8fae3233-FRA
content-encoding: br

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
145 B 16ms
15ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120201&jk=1541816685268248&bg=!OjmlORnNAAUbEDgJG1jERs4jwY7YEwIAAACcUgAAABpoAQcKARojAXor-zCi4dxTnRjrhibWTYvxbpbk7D40dO1z9xX9AtIMpxqlmY0z-RL11zhMWZadqCK1nBikEN_F-eMIFe9KyCUI5FW0fvDN3LPXXviNhD9-zRBRFvr40Va8XgfePazRFjZUM88HmIvCDDRjYd1josbsGWMHfhmpr0Ji94rT8sw_oZbbbc8_sfnBzK4Nb1BE6syXyhGQ5Fi_g6RI0x4sza7x4FFfr6xX2CzvFDpEozfDRl4UVCsBt2j7K1Ull65PNMowMLIam-q3uiIWH6E3JLtFCm9InwY5LPCoxsmztCDiMsUk9i_HjIfvvIJaw4dKQatfiFqDZONTZ9BYTsulzhyQKc4XMIHqHh0tItEO4RaZ2YYCpA06q9CZAcEYGVf8S6Kq3BRQxjlKHLds01xCwFFNk64MQlvpjVSJG-VyeBVtJL7vTY6SFyaGAAi-9CEWqjGm_CI7YJ7syyD7fiwMXtjbAO89DTpvYc-dITx3V9U6NDFOb35YDT2IqZLci372_P1vPjPg93udimqseYdGdDVXdMEVY2ZNag8jJpYsBbUevIiPqhkkwaDbZitYqdTPeyZbCuy8MZSMtol-Qw2XP6gzulBYZbqxbh2VUF8Wtajz4vCB2crUUuqAvloeZP9vCqRslaboi31xEHQCh20n0Se4Ah1fIKpHOk4-mlGFXsSY1Z1YQlleKu8HN03jphKdoUS3ufLiBKs73OO2-4yAguO3Oq4WjkNqcCNyK5xIaVWX173uep3lTWOZLkq2W0-G22gGENyi5v_mFn_F5mg8of-UjDrhT0xAYEiVidZzWydS8r1iFydvOforLa47M8NUOnlqevPfiaC1hX-Z1XD-_98cvzOgOKD-R9bEXaPxD97TFneBS-ie9rpvNzt5ca9tkEPDlKe8qCAdH-1O1TCHwfoP9ohaC2t4huWMUFPTIHGAEXdmKS74yD4jEiFN3BIKvs9G2bVE4NXqSrDXyw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2c21a96285-EMAIL_CAMPAIGN_2020_12_09_02_45&utm_medium=email&utm_term=0_cacd0f141f-2c21a96285-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 14:53:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nationalobserver.com/	1970-01-19 23:53:41	Name: __gads Value: ID=0d8b8d3e50ae72e7-22b191515eb9001a:T=1607525608:S=ALNI_MZn4xg3DbZ0Z1xnptVJmVV9qGmh9w
.nationalobserver.com/	1970-01-19 14:32:05	Name: _gat_UA-59182232-1 Value: 1
.nationalobserver.com/	1970-01-20 08:03:17	Name: _ga Value: GA1.2.1551612221.1607525608
www.nationalobserver.com/	1969-12-31 23:59:59	Name: has_js Value: 1
www.nationalobserver.com/	1969-12-31 23:59:59	Name: _pc_nat_brief Value: nosub
.nationalobserver.com/	1970-01-19 14:33:32	Name: _gid Value: GA1.2.1552652236.1607525608
.nationalobserver.com/	1970-01-20 08:03:17	Name: _ga_TNN7SJH0J9 Value: GS1.1.1607525607.1.0.1607525607.0
.nationalobserver.com/	1970-01-19 16:41:41	Name: _fbp Value: fb.1.1607525608097.809522284
.nationalobserver.com/	1970-01-19 15:15:17	Name: __cfduid Value: d96bd36ce18645a941539b42249753e531607525606

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

789d7e6933eae34fa23442bda6f5df7e.safeframe.googlesyndication.com
adservice.google.ca
adservice.google.com
buy.tinypass.com
cdn.tinypass.com
connect.facebook.net
experience.tinypass.com
id.tinypass.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.nationalobserver.com
172.217.18.162
2606:4700:10::ac43:1aad
2606:4700::6811:bab1
2a00:1450:4001:806::2008
2a00:1450:4001:814::2001
2a00:1450:4001:81e::2001
2a00:1450:4001:820::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c02::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04a376be9e39fd437c6ee5153f2bcb5ec34c12b7a0fec0daf8b8dfe052a39b24
05512d815f46a3dd0e9aaa163dad6808ea2c7d43c89fe74b821c879c4b1b5046
09366ab556332ac30a3e256e5c40b8c2d459f17a0a28cc188b7f84ca46ec014f
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138
11d495b25bbd3acdf0f7ce1790b643b0dc549caf60db8d24c61b233a2929bb42
16187dfe884b1244fc670e9c6ceda2077b9242e185a922858d89430b5a2cb408
19aaf2746e45e4a958e7f3f48d8237fb04775373e2ff587be41c0fb0a0f1180f
20f2ec120e9b9f6692b0c741b2e1e25e76a6592be7984de8c2bbaa86713d47eb
23f2fe4a8cf04d79c520482f62c4f345091ce8bc0077c4114b20b67cbe5c4ab4
2492d6bc2d1ef28c27174976842633a8f99beb92a8c0aa39eaa9d440e1374032
3591b9c5a03ac3bb721111a4ec2ccdbfb2e576359cf30a40ac290c6534a6f359
39fc9efbd7e62f925da9298da7d58262e218a4698a6b5f2f46a6b09f7e963b6f
3c10dda92767ee7e5a9018e3085b03074060ca0318b7ea5b5cccd03d06e90f0c
3d5c93fcb4408fd3327e4ede9a810f687e1cfb24fc64d0e6e33669a9ea0eb539
3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19
4033fe125bc4912b399636e14b7ef202fe63b3b5cd50f1c094da1695270d878e
4398912a2d5f1bb8e5c29eb814d5c0f5545ab3a20a69d40ae623be24e72f973e
44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50
51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64
539f06c01e2562f70e1f7bf8f6ade76f0dc6d1c08cc2896c1a37b0706bcc5556
54aedd865887ca5911bf02e3a2674501f38a4a2a54fb89ec20234817812e1a90
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd
7a9305d86167d83fe61621da34afbc2c9be944f6e57f8a9b9759621f7dc28b51
7c9090870220f24f65a57b343dccad884ddf94e0141124095963ecf944da4eba
7cc31ba9679d15cec76b776d18772810d47e31b6e1691ddf43405b285846e93c
80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d
8595d15f6bd9fbee30c4a99936fa5ea3cb9db7c73e7d2fe7eb68236e7a8c2e05
88400ee72941490b27858e2378dcfc56b3a2521141bb13e1c65c606c85a51ae4
8c26421e16e6e09907c2ca663f148367c7d335758ef92ce4fa51a75f5fcd06ca
8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9
9762ac040c8b96b6bc6faa14d53fccad7a2e9c0fc60cd12bdf375a084ecdeebc
9dadbdcd29e3a4e7f1107e64bb1d8cc9bde3e0358bff13e5618e52e995f1fdc1
9f7608c56d63db31eee66779e29204de79023aae501d31e8a51477b69fad5f6a
add6bfcca0649df5bff89bcfbf5e4c18cecdbcc14a80b326b50965e6a978df0b
ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c
b51434614179f34fdaeaf1ce94531ac6734a5f8a10c16c96dcac41e845c36c38
bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e
beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4
c2f67713b106de5d6d770aabe74f911653c1ee10b4d714aa72ae0301ba666f7e
c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0
c7b380f1f70920f1ffcaba1684649f8ff086f2af496ff933b3562abed9b3fe2f
cb77f49af4364ec8ccc511bb79dcc8412ae488d1da787d1a6f266992733e17de
d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008
dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eb53ccb19a5601db9a075a9e525bec51bc8c84fb2bc04b653d84c78165eb5232
ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1
f3e9edd59000085678cdc16c87a70b76b869c7010948cfe01aaf891e8b8d6478
fa336c22fb857f287979cb63c18ab317a71ae635a84f7d44287d0e8f3329b53a
fd0a50b9c36bd8e504951a962763814e3418ef6d5b746e2802d0aec962a474a4

www.nationalobserver.com Open in urlscan Pro 2606:4700:10::ac43:1aad Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

91 %IPv6

10 Domains

16 Subdomains

11 IPs

4 Countries

2630 kBTransfer

4147 kBSize

9 Cookies

12 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nationalobserver.com Open in urlscan Pro
2606:4700:10::ac43:1aad Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

91 %
IPv6

10
Domains

16
Subdomains

11
IPs

4
Countries

2630 kB
Transfer

4147 kB
Size

9
Cookies

65 HTTP transactions
0 data transactions