www.thenewsobserver.com Open in urlscan Pro
104.196.37.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thenewsobserver.com/
Effective URL:
https://www.thenewsobserver.com/
Submission: On March 03 via api (March 3rd 2024, 3:04:09 am UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 53 HTTP transactions. The main IP is 104.196.37.2, located in North Charleston, United States and belongs to GOOGLE, US. The main domain is www.thenewsobserver.com.
TLS certificate: Issued by R3 on February 9th 2024. Valid for: 3 months.

This is the only time www.thenewsobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	104.196.37.2 104.196.37.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	20.150.38.36 20.150.38.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.122.114 18.66.122.114	16509 (AMAZON-02) (AMAZON-02)
1	52.217.164.240 52.217.164.240	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1 1	52.59.163.183 52.59.163.183	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:275... 2600:9000:275b:6400:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	3.123.135.87 3.123.135.87	16509 (AMAZON-02) (AMAZON-02)
4	151.101.131.52 151.101.131.52	54113 (FASTLY) (FASTLY)
53	13

26 104.196.37.2 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 2.37.196.104.bc.googleusercontent.com

www.thenewsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.150.38.36 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

etypeproductionstorage1.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-114.fra60.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.164.240 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.163.183 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-163-183.eu-central-1.compute.amazonaws.com

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:275b:6400:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.135.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-135-87.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.131.52 (United States)

ASN54113 (FASTLY, US)

cdnres.willyweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	thenewsobserver.com 1 redirects www.thenewsobserver.com	1 MB
8	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 4035 api.cmp.inmobi.com — Cisco Umbrella Rank: 11537	215 KB
4	willyweather.com cdnres.willyweather.com — Cisco Umbrella Rank: 78684	72 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	42 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214	163 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3805	28 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	141 KB
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 4872	216 B
1	amazonaws.com s3.amazonaws.com	140 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 5638	2 KB
1	windows.net etypeproductionstorage1.blob.core.windows.net — Cisco Umbrella Rank: 262345	214 KB
0	adatoolbar.com Failed adatoolbar.com Failed
53	12

	Domain	Requested by
26	www.thenewsobserver.com	1 redirects www.thenewsobserver.com
7	cmp.inmobi.com	www.thenewsobserver.com cmp.quantcast.com cmp.inmobi.com
4	cdnres.willyweather.com	www.thenewsobserver.com cdnres.willyweather.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdnres.willyweather.com
3	securepubads.g.doubleclick.net	www.thenewsobserver.com securepubads.g.doubleclick.net
3	static.addtoany.com	www.thenewsobserver.com static.addtoany.com
2	www.googletagmanager.com	www.thenewsobserver.com www.googletagmanager.com
1	api.cmp.inmobi.com	cmp.inmobi.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cmp.quantcast.com	1 redirects
1	s3.amazonaws.com	www.thenewsobserver.com
1	cdn-images.mailchimp.com	www.thenewsobserver.com
1	etypeproductionstorage1.blob.core.windows.net	www.thenewsobserver.com
0	adatoolbar.com Failed	www.thenewsobserver.com
53	14

This site contains links to these domains. Also see Links.

Domain
thenewsobserver.newsbank.com
publisher.etype.services
www.etypeservices.com
www.legacy.com
classadz.vdata.com
www.facebook.com

Subject Issuer	Validity	Valid
thenewsobserver.com R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 05	`2024-02-20` - `2024-06-27`	4 months	crt.sh
cdn-images.mailchimp.com Amazon RSA 2048 M02	`2023-06-20` - `2024-07-17`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-11`	a year	crt.sh
static.addtoany.com E1	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.willyweather.com R3	`2024-02-08` - `2024-05-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.thenewsobserver.com/
Frame ID: DF2E15A4F7FDC121170CBB9C122BC869
Requests: 47 HTTP requests in this frame

Frame: https://cdnres.willyweather.com/widget/loadView.html?id=114747
Frame ID: F2F3A39EFB7EEFDF20F1385E18E24F98
Requests: 5 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 1AF12BAAD5EC85045C1F7A1BBC6A1BF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The News Observer, Blue Ridge, Georgia

Page URL History Show full URLs

http://www.thenewsobserver.com/ HTTP 301
https://www.thenewsobserver.com/ Page URL

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
cdn-images\.mailchimp\.com/[^>]*\.css

Page Statistics

53
Requests

96 %
HTTPS

46 %
IPv6

12
Domains

14
Subdomains

13
IPs

2
Countries

2120 kB
Transfer

4242 kB
Size

5
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://thenewsobserver.newsbank.com/
Title: Extended Search

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/The-News-Observer
Title: Renew

Search URL Search Domain Scan URL

URL: https://www.etypeservices.com/Privacy.aspx
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/thenewsobserver/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://classadz.vdata.com/CommunityNewspapersMurphy/Advertising/Advertiser
Title: Place a classified

Search URL Search Domain Scan URL

URL: https://www.facebook.com/The-News-Observer-740175116028857/
Title: square-facebook

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/The-News-Observer/e-paper-special-edition/A9CAC1F8F426CE46

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/The-News-Observer/e-paper-special-edition/CF3295D9278FE342

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/The-News-Observer/e-paper-special-edition/AEF36916F41065F0

Search URL Search Domain Scan URL

URL: https://publisher.etype.services/The-News-Observer/e-paper-special-edition/7657A0BD463D9F9B

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thenewsobserver.com/ HTTP 301
https://www.thenewsobserver.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP 301
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thenewsobserver.com/
Redirect Chain

http://www.thenewsobserver.com/
https://www.thenewsobserver.com/

69 KB
13 KB

437ms
216ms

Document
text/html

104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

9f567b263336e2885ed0d0fa89eee9bf4075660d0b338efac42e4357e760aa2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, no-cache, private
content-encoding: gzip
content-language: en
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
content-type: text/html; charset=UTF-8
date: Sat, 02 Mar 2024 04:50:38 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
referrer-policy: no-referrer
server: nginx/1.18.0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-default-cache: default_cache
x-drupal-cache: HIT
x-drupal-dynamic-cache: HIT
x-frame-options: SAMEORIGIN SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Security-Policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Content-Type: text/html
Date: Sun, 03 Mar 2024 03:04:04 GMT
Location: https://www.thenewsobserver.com/
Referrer-Policy: no-referrer
Server: nginx/1.18.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Default-Cache: default_cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 139 KB
54 KB 127ms
49ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26466179-22

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

567516e4008ebe94dfb88db09f6c275ed607cf0f4448eaf144ff87d322aee1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 54564
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Mar 2024 03:04:04 GMT

GET
H2 200 css_qCYVQcwlz_blv9ryQYiokRbIGMa5710Ds6bC6xFuX78.css
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/ 9 KB
3 KB 110ms
109ms Stylesheet
text/css 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_qCYVQcwlz_blv9ryQYiokRbIGMa5710Ds6bC6xFuX78.css

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

a8261541cc25cff6e5bfdaf24188a89116c818c6b9ef5d03b3a6c2eb116e5fbf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 15 Feb 2024 00:31:37 GMT
server: nginx/1.18.0
etag: W/"65cd5b69-24cb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/ 364 KB
58 KB 117ms
117ms Stylesheet
text/css 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

479869b8d6acf4973961042c49d4fcaa4f9efea38e8e9706e87cc8adf95b2698

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 15 Feb 2024 00:31:38 GMT
server: nginx/1.18.0
etag: W/"65cd5b6a-5ae60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js_P1NGcVaP41NJGJkUdicGZ5z4_V6DssyGg4AN_ryfFrE.js Show response
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/ 377 B
840 B 227ms
226ms Script
application/javascript 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/js_P1NGcVaP41NJGJkUdicGZ5z4_V6DssyGg4AN_ryfFrE.js

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

3f534671568fe35349189914762706679cf8fd5e83b2cc8683800dfebc9f16b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 15 Feb 2024 00:31:38 GMT
server: nginx/1.18.0
etag: W/"65cd5b6a-179"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image001_0.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/ 38 KB
38 KB 227ms
226ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/image001_0.jpg
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 2.37.196.104.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 752d55c576fa27805d9277c3f5f06dab0d21620d765512218eb87ca82dedb2e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
last-modified: Fri, 13 Sep 2019 17:57:00 GMT
server: nginx/1.18.0
etag: "5d7bd86c-97b4"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 38836
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GH%2014_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/2024-02/ 118 KB
118 KB 227ms
227ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/2024-02/GH%2014_WEB.jpg
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 2.37.196.104.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 55967d400d8bc0cc7d3264e1386fa6e190d61faf8be76babc8169609410aa419

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
last-modified: Tue, 27 Feb 2024 16:03:23 GMT
server: nginx/1.18.0
etag: "65de07cb-1d6f8"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 120568
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Publications/237/ 214 KB
214 KB 549ms
128ms Image
image/jpeg 20.150.38.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Publications/237/thumbnail.jpg
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 45f45cd0b237bbdc318f239e3b155fab98104b25161cc5e2dac55f2317b0b215

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 03 Mar 2024 03:04:04 GMT
Last-Modified: Wed, 28 Feb 2024 11:08:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DC384D8FF322C0
Content-Type: .jpg
x-ms-request-id: 916f3f8f-d01e-004b-4517-6db961000000
x-ms-version: 2009-09-19
Content-Length: 218713

GET
H2 200 classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 4 KB
2 KB 42ms
7ms Stylesheet
text/css 18.66.122.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-114.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 00:02:35 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 17 Dec 2015 16:52:30 GMT
server: AmazonS3
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
etag: W/"ae0fc9b84c30cada1784022044962394"
age: 10890
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UrQemDxl39SaoUZRbCSowIryJJcetMZrwtEOSVlKU-c3SzT3_ABgAQ==

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 140 KB
140 KB 335ms
124ms Script
application/javascript 52.217.164.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.164.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 03:04:06 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: Y4BXPV76A2PZ229H
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: wmbzztd8eFRyjuOwipZ0u64cFAdS5/6Me81oDzwR97PxEvnGVf7mOD5gioAOjjtKJV2pwfx3mSU=

GET
H2 200 js_y57geBL-K47QfSLZFcl_jtxJKKl-i8yIkHt048E1tQc.js Show response
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/ 99 KB
34 KB 200ms
199ms Script
application/javascript 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/js_y57geBL-K47QfSLZFcl_jtxJKKl-i8yIkHt048E1tQc.js

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

cb9ee07812fe2b8ed07d22d915c97f8edc4928a97e8bcc88907b74e3c135b507

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 15 Feb 2024 00:31:38 GMT
server: nginx/1.18.0
etag: W/"65cd5b6a-18a46"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 65ms
25ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21504
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"257f9651f9cfd949f6dde30f51352116"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBlBkVCOqJmh4035K865jZ%2BqYplGi6bhAFQo1Z9uBxmmWm6iMt1NVhXGRq3Ejr02j0RN24%2BsPHHzmmasMHGwPvxflf3KijhbQFqJznDgDK4vTClChL1CtfNZ8jUuQo5NQDNMVGzh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 85e665a6499f915e-FRA

GET
H2 200 js_fuSCs3Gd0zKHZ_Wwseiqaem5HY2aOEwZFtYa2Ic7_aQ.js Show response
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/ 21 KB
7 KB 201ms
200ms Script
application/javascript 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/js/js_fuSCs3Gd0zKHZ_Wwseiqaem5HY2aOEwZFtYa2Ic7_aQ.js

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

7ee482b3719dd3328767f5b0b1e8aa69e9b91d8d9a384c1916d61ad8873bfda4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 15 Feb 2024 00:31:38 GMT
server: nginx/1.18.0
etag: W/"65cd5b6a-537d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
x-default-cache: default_cache
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
28 KB 132ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2237e6621c26664d4820a35b42b04caa3cf38f5257169a9a88fbe55ded530b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28548
x-xss-protection: 0
server: cafe
etag: 125 / 19785 / m202402220101 / config-hash: 7305879754805612343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 03:04:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
87 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SYDC818VDF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26466179-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdc4ee72bcafb8ddf8249ca997ed2ec70a5ea402509cbecd59c51b0bf243353c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Mar 2024 03:04:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 43ms
14ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26466179-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Mar 2024 03:03:59 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 03 Mar 2024 05:03:59 GMT

GET e687213560c8b
adatoolbar.com/wp-json/onlineada/v1/accessibility-toolbar/ 0
0

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
Redirect Chain

https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js

3 KB
2 KB

59ms
7ms

Script
application/javascript

2600:9000:275b:6400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: H2
Server: 2600:9000:275b:6400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c71b9f860fe9bac0f75a98fcb50dc1c4f77e59201ef22001131d3a1adc20fcb0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:03:32 GMT
content-encoding: br
via: 1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Nov 2023 13:52:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 33
x-amz-server-side-encryption: AES256
etag: W/"ec43dec37a4eaf8ca7b754d3aee53c47"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: kBnfrHNPNtnoCnDkCc1zeeIkANEojzes-zXeM4MNxbytLw7VeN2iUw==

Redirect headers

date: Sun, 03 Mar 2024 03:04:04 GMT
server: awselb/2.0
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
location: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
access-control-allow-origin: *
cache-control: max-age=900
content-length: 0

GET
H2 200 loading.gif
www.thenewsobserver.com/themes/tiempos/images/ 59 KB
59 KB 198ms
197ms Image
image/gif 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewsobserver.com/themes/tiempos/images/loading.gif
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 2.37.196.104.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 431b428df9a9cccde8d4de067400ee8fba8173e82787f3a05b5502d966b05d89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
last-modified: Sun, 11 Sep 2022 19:16:30 GMT
server: nginx/1.18.0
etag: "631e340e-ea08"
content-type: image/gif
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 59912
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Petrona-VariableFont_wght.ttf
www.thenewsobserver.com/fonts/Petrona/ 211 KB
211 KB 198ms
198ms Font
application/octet-stream 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewsobserver.com/fonts/Petrona/Petrona-VariableFont_wght.ttf
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 2.37.196.104.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: c5fb9773e1b7b1c8c078b650a644c6370a14d0e0ac67667d58ca8dbb027dcce3

Request headers

Referer
Origin: https://www.thenewsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
last-modified: Wed, 22 Mar 2023 16:43:11 GMT
server: nginx/1.18.0
etag: "641b301f-34b24"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 215844
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fa-solid-900.woff2
www.thenewsobserver.com/libraries/fontawesome-free-6.4.2-web/webfonts/ 147 KB
147 KB 199ms
199ms Font
application/octet-stream 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/libraries/fontawesome-free-6.4.2-web/webfonts/fa-solid-900.woff2

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.thenewsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 02 Oct 2023 17:04:49 GMT
server: nginx/1.18.0
referrer-policy: no-referrer
etag: "651af831-24a04"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-default-cache: default_cache
accept-ranges: bytes
content-length: 150020
x-xss-protection: 1; mode=block

GET
H2 200 fa-brands-400.woff2
www.thenewsobserver.com/libraries/fontawesome-free-6.4.2-web/webfonts/ 107 KB
108 KB 199ms
199ms Font
application/octet-stream 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thenewsobserver.com/libraries/fontawesome-free-6.4.2-web/webfonts/fa-brands-400.woff2

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/css/css_R5hpuNas9Jc5YQQsSdT8qk-e_qOOjpcG6HzIrflbJpg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.thenewsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 02 Oct 2023 17:04:49 GMT
server: nginx/1.18.0
referrer-policy: no-referrer
etag: "651af831-1acf0"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-default-cache: default_cache
accept-ranges: bytes
content-length: 109808
x-xss-protection: 1; mode=block

GET
H2 200 CBMC_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/ 14 KB
15 KB 190ms
189ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/CBMC_WEB.jpg?itok=kYRTZgcM

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

bb51a04331a8cc7c4a0d335b4b5ed921c4167fcc066fa5a90940b3e09866cc62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 14625
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 28 Feb 2024 11:32:36 GMT
server: nginx/1.18.0
etag: "65df19d4-3921"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HH%203_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/ 25 KB
25 KB 190ms
189ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/HH%203_WEB.jpg?itok=C_u_6e3d

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

70eec2abbe7cdd2ad04df0c8937e235392a1c3ec5ed3659acdb9e75b14fb4bba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 25171
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 28 Feb 2024 11:32:36 GMT
server: nginx/1.18.0
etag: "65df19d4-6253"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 NGMCN%20Gala%201_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/ 17 KB
17 KB 190ms
189ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/NGMCN%20Gala%201_WEB.jpg?itok=32sylHsD

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

1360031a1f3cd646e258d1a56afca50d3308a03cabafdda048a873d60d3f999d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 17078
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 28 Feb 2024 11:32:36 GMT
server: nginx/1.18.0
etag: "65df19d4-42b6"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 92afc091-6256-45a4-828d-da965407b290-AnitaNavas_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/ 15 KB
16 KB 191ms
189ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/92afc091-6256-45a4-828d-da965407b290-AnitaNavas_WEB.jpg?itok=Cf0_vpTg

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

06acb2aea0fb5bdca870ad4f2cfdd053236d5e275092a4313aa89c9f8e687b57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 15368
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 27 Feb 2024 16:57:27 GMT
server: nginx/1.18.0
etag: "65de1477-3c08"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Basin%203_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/ 24 KB
25 KB 191ms
190ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/Basin%203_WEB.jpg?itok=yeFGcrSg

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

d2478f53e1a7a4dc0e33dc1e914bf481dd2e533e71d9cdf5ca70e4a2b271440c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 24941
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 28 Feb 2024 11:32:36 GMT
server: nginx/1.18.0
etag: "65df19d4-616d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Team_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/ 23 KB
24 KB 191ms
190ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2024-02/Team_WEB.jpg?itok=B7-Jg-H5

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

eb35841304db034b53771e5503e8ab373da0298c2b1a48ac4ac60918fa49c622

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 23846
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 28 Feb 2024 11:32:36 GMT
server: nginx/1.18.0
etag: "65df19d4-5d26"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Kenneth%20boring_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/ 18 KB
18 KB 191ms
190ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/Kenneth%20boring_WEB.jpg?itok=TevLouh9

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

ab309d4dbe24aa0f4a0e5e4d7aeec790196fbdda107857c4360508eb64d0a296

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 18214
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 Jan 2023 11:56:10 GMT
server: nginx/1.18.0
etag: "63d118da-4726"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Holly%20Fehrmann_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/ 16 KB
16 KB 191ms
190ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/Holly%20Fehrmann_WEB.jpg?itok=kJNKetAd

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

cc3534cb92be2761fe3c31ea4db7283a0e92cabedf9c0bb3d61444cd871421a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 16144
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 Jan 2023 11:56:10 GMT
server: nginx/1.18.0
etag: "63d118da-3f10"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Ervin%20Thomason_WEB.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/ 13 KB
13 KB 191ms
191ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/article_thumbnail_230_scale_/public/2023-01/Ervin%20Thomason_WEB.jpg?itok=Xv25_Uw4

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

6f35e32c7f68087ef5f05cd02aa7b27a216a8a72963b1cec026cca3f64ad0bed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 12886
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 25 Jan 2023 11:56:10 GMT
server: nginx/1.18.0
etag: "63d118da-3256"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Healthcare%202024%20Cover.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-02/ 24 KB
25 KB 300ms
299ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-02/Healthcare%202024%20Cover.jpg?itok=ObvLfKMM

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

caf14f53c0e44d6e358de6fa00677c3403d6ce2a04e5674b6396ce70f9472b0a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 24919
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 20 Feb 2024 14:58:22 GMT
server: nginx/1.18.0
etag: "65d4be0e-6157"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 New%20Year%202024%20Welcome%20Cover.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-01/ 37 KB
38 KB 300ms
300ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2024-01/New%20Year%202024%20Welcome%20Cover.jpg?itok=XmeWXoL9

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

b22f1d135e937eb0b200aecbe035cd646cb463146f027699d4895e5a18a9da8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 37917
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 18 Jan 2024 16:14:35 GMT
server: nginx/1.18.0
etag: "65a94e6b-941d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Holiday%20Welcome%202023%20Cover.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2023-11/ 44 KB
45 KB 300ms
300ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2023-11/Holiday%20Welcome%202023%20Cover.jpg?itok=W71w_1q2

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

9f0ed9398c82c2e6f96b21cce740635068bd31a9062640c0b9ca7f871876fd93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 45075
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 21 Nov 2023 19:20:14 GMT
server: nginx/1.18.0
etag: "655d02ee-b013"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HBT%202023%20E-Edition-1%20copy.jpg
www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2023-10/ 29 KB
30 KB 300ms
300ms Image
image/jpeg 104.196.37.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thenewsobserver.com/sites/thenewsobserver.etypegoogle7.com/files/styles/special_section/public/2023-10/HBT%202023%20E-Edition-1%20copy.jpg?itok=edSGMkfw

Requested by

Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.196.37.2 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

2.37.196.104.bc.googleusercontent.com

Software

nginx/1.18.0 /

Resource Hash

0d8aeb1194af285c9d5d22d5a3d8753994a823a7615ad515096e48d9531a564d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:04 GMT
content-security-policy: default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 29648
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 12 Oct 2023 20:08:57 GMT
server: nginx/1.18.0
etag: "65285259-73d0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-default-cache: default_cache
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
212 B 17ms
17ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1290734174&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenewsobserver.com%2F&ul=en-us&de=UTF-8&dt=The%20News%20Observer%2C%20Blue%20Ridge%2C%20Georgia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=89909575&gjid=1857100621&cid=93032274.1709435045&tid=UA-26466179-22&_gid=1717498406.1709435045&_r=1&gtm=457e42t1za200&gcd=13l3l3l3l3&dma_cps=sypham&dma=1&did=dMDhkMT&gdid=dMDhkMT&npa=1&z=895771136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 03:04:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 48ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SYDC818VDF&gtm=45je42t1v893268615za220&_p=1709435044573&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=93032274.1709435045&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1709435044&sct=1&seg=0&dl=https%3A%2F%2Fwww.thenewsobserver.com%2F&dt=The%20News%20Observer%2C%20Blue%20Ridge%2C%20Georgia&en=page_view&_fv=1&_ss=1&tfd=1036
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SYDC818VDF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 03:04:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 164 KB
43 KB 7ms
7ms Script
text/javascript 2600:9000:275b:6400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:6400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97d7832c4ce6e09c70b9daa26c79f189b45cf0b7b4075334470d1b1b8bf2418a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 02:05:12 GMT
content-encoding: br
via: 1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 3533
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 10:04:44 GMT
server: AmazonS3
etag: W/"236daf6aff24a09663f1def7afcec490"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: jdQzZbfbTDgxqZQ_5PH7jD_dvsiNdI8cooCzmIxswB9zLMMZVqFfiw==

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 17 KB
4 KB 21ms
7ms XHR
application/json 2600:9000:275b:6400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:6400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c72608664c08464243401421c479f40306405affdf4d81ce9d790c336149db7

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:00:45 GMT
content-encoding: br
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 03 Mar 2024 03:00:42 GMT
server: AmazonS3
etag: W/"5261afd44e89cc5902f31c68b715e67c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: RZOVoQ7PFWlq93i_J_abPCOyJdurlTogXBcVXukx5OXkd5pkHAhr2w==

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/52/ 291 KB
71 KB 7ms
7ms Script
text/javascript 2600:9000:275b:6400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/52/cmp2ui-en.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:6400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5aebed525f4f9673b537afc1ebb00205586bb9f3a0bd1ca666abc01ceb087aed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 11:20:24 GMT
content-encoding: br
via: 1.1 69114e4ea0aa4e532a5be63a75c51e2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 56621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 01 Mar 2024 10:04:34 GMT
server: AmazonS3
etag: W/"a2bb9321c83c0e50d38aaf595d4c8979"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: BSGFHT9s5OF-GHXJUFtF9UGUxVRT-GZ5tM9GodqvIjZOgsNs6a98aw==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 568 KB
63 KB 9ms
9ms XHR
application/json 2600:9000:275b:6400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:6400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 110eb4dfb826b81c95def8eda766eae762e3dd5fb7b260a394825c43db58f6db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 11:20:24 GMT
content-encoding: br
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 56621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 23:59:21 GMT
server: AmazonS3
etag: W/"642e16ee5cd7b65a641bf099e6c073a6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: NDe-r5lfknEeKyiW5uWSX81qQ_CJI6A1y3KzRdr3yYFmzjzaBV64yA==

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 142 KB
33 KB 16ms
16ms XHR
application/json 2600:9000:275b:6400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:6400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37f20168aa8b55188b6de54718e81af99d910de6890fee998e384ab3bec73b8b

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:00:27 GMT
content-encoding: br
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sun, 03 Mar 2024 03:00:24 GMT
server: AmazonS3
etag: W/"5dc482cb2bdb0d382854b80196cc07cf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: lh_H5etlCiGyxwM36YD8CII9Q2SpPlmth654OM5Weo24Efj0rbLWjQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/ 428 KB
135 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:29:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48850
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137662
x-xss-protection: 0
server: cafe
etag: 2919427224111863329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 02 Mar 2025 13:29:54 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 74 B
83 B 116ms
45ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thenewsobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4f3bd875cbfe52ae004c870d9a15089bd38c464a223835f441b4cce34e9bd32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59
x-xss-protection: 0
expires: Sun, 03 Mar 2024 03:04:05 GMT

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 38ms
7ms XHR
text/plain 3.123.135.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22www.thenewsobserver.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.52%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22JdpIh1wN33NiXwc3%2Fem6FQ%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1709435045009%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-1bk6yf45e7nhg1w5m93p%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/52/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.135.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-135-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 03 Mar 2024 03:04:05 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 geoip Show response
cmp.inmobi.com/ 58 B
341 B 10ms
10ms XHR
application/json 2600:9000:275b:6400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/52/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:6400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ac52aa47022e892411dd0d4c540b2caabac7e4f252b79cfd2294f27b5580b7f2

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:05 GMT
via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 58
x-amz-cf-id: MnYk4ekJIsjn5Vo9DYR4tFtVsLhJmiJ6hsE4N9wXk7WyZ5ZO19DYkA==

GET
H2 200 loadView.html Show response
cdnres.willyweather.com/widget/ Frame F2F3 2 KB
1 KB 513ms
473ms Document
text/html 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnres.willyweather.com/widget/loadView.html?id=114747
Requested by: Host: www.thenewsobserver.com
URL: https://www.thenewsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.46 (IUS) / PHP/7.4.33
Resource Hash: 7be1fe809cc5434c7bbc24713b8ed6dd2a448e0fc168c188128254336b384b28

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=60, public
content-encoding: gzip
content-length: 820
content-type: text/html; charset=UTF-8
date: Sun, 03 Mar 2024 03:04:05 GMT
server: Apache/2.4.46 (IUS)
vary: Accept-Encoding,User-Agent
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-powered-by: PHP/7.4.33
x-served-by: cache-fra-eddf8230108-FRA
x-timer: S1709435045.476211,VS0,VE467

GET
H2 200 sm.25.html Show response
static.addtoany.com/menu/ Frame 1AF1 716 B
755 B 29ms
29ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 11224
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 85e665aa0abe915e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 03 Mar 2024 03:04:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfRhM7liVSPTW4Aukc%2FPpcEjKuch4RmdyDzfdfqw3%2FXjKJsLiQTqGYCmkImYkH0Dhn0FZ4%2FWyo0lJt1AamPno3VViWgUCPQL7JtZcg9pY6dnrXASvCSMOX67JpKIye%2BtwgbDXUSA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.Ep5bSEmr.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 70ms
56ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.thenewsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 03:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a995aaed2cd978eb5749462d1dc3635e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgGmmFIjjgrbcDhoS%2F49pk6kuLbqlSJuCU8hNRPAwPgqlYpnELPR6Z%2BQsM%2BTt67ErKGOpvcQnV88VaXVp336KqCytdafGlRgws%2BncYaf48%2BwgseTkVv3aLO%2BZP1Fjte0o%2FZE7OmubZE4rEjCKLq%2FL6%2BC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 85e665aa1bb73719-FRA

GET
H2 200 cssView.1.42.44.html
cdnres.willyweather.com/widget/ Frame F2F3 6 KB
2 KB 681ms
675ms Stylesheet
text/css 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnres.willyweather.com/widget/cssView.1.42.44.html?id=114747
Requested by: Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/loadView.html?id=114747
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.46 (IUS) / PHP/7.4.33
Resource Hash: e7b894ba388346cf9db1fa06e70c6b95990a4e2615b10692d267205c42408815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnres.willyweather.com/widget/loadView.html?id=114747
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230108-FRA
date: Sun, 03 Mar 2024 03:04:06 GMT
content-encoding: gzip
via: 1.1 varnish
server: Apache/2.4.46 (IUS)
age: 0
x-timer: S1709435046.956186,VS0,VE670
x-powered-by: PHP/7.4.33
vary: Accept-Encoding,User-Agent
x-cache: MISS
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1473
x-cache-hits: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F2F3 52 KB
21 KB 14ms
14ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/loadView.html?id=114747

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnres.willyweather.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Mar 2024 02:19:51 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2655
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 03 Mar 2024 04:19:51 GMT

GET
H2 200 sprite-precis.png
cdnres.willyweather.com/images/widgets/ Frame F2F3 16 KB
16 KB 6ms
6ms Image
image/png 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnres.willyweather.com/images/widgets/sprite-precis.png
Requested by: Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/cssView.1.42.44.html?id=114747
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.46 (IUS) /
Resource Hash: 2d68e964474991f19656a6d03de9690d625af240e0647395b915464d25539d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnres.willyweather.com/widget/cssView.1.42.44.html?id=114747
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 2
date: Sun, 03 Mar 2024 03:04:06 GMT
via: 1.1 varnish
expires: Sat, 22 Feb 2025 10:00:46 GMT
last-modified: Thu, 22 Feb 2024 14:27:26 GMT
server: Apache/2.4.46 (IUS)
age: 752600
x-timer: S1709435047.635726,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15919
x-served-by: cache-fra-eddf8230108-FRA

GET
H2 200 sprite.png
cdnres.willyweather.com/images/widgets/ Frame F2F3 54 KB
54 KB 8ms
7ms Image
image/png 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnres.willyweather.com/images/widgets/sprite.png
Requested by: Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/cssView.1.42.44.html?id=114747
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.4.46 (IUS) /
Resource Hash: dfdf0c64f9007815d3ead2b68031a4ffbc0c4bb3493424faf70fd1f75ec405db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnres.willyweather.com/widget/cssView.1.42.44.html?id=114747
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Sun, 03 Mar 2024 03:04:06 GMT
via: 1.1 varnish
expires: Tue, 25 Feb 2025 23:55:50 GMT
last-modified: Mon, 26 Feb 2024 15:49:48 GMT
server: Apache/2.4.46 (IUS)
age: 443296
x-timer: S1709435047.635835,VS0,VE1
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 55146
x-served-by: cache-fra-eddf8230108-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adatoolbar.com
URL: https://adatoolbar.com/wp-json/onlineada/v1/accessibility-toolbar/e687213560c8b

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thenewsobserver.com/	1970-01-20 18:52:01	Name: _gid Value: GA1.2.1717498406.1709435045
.thenewsobserver.com/	1970-01-20 18:50:35	Name: _gat_gtag_UA_26466179_22 Value: 1
.thenewsobserver.com/	1970-01-21 04:26:35	Name: _ga_SYDC818VDF Value: GS1.1.1709435044.1.0.1709435044.0.0.0
.thenewsobserver.com/	1970-01-21 04:26:35	Name: _ga Value: GA1.1.93032274.1709435045
.www.thenewsobserver.com/	1970-01-21 04:12:11	Name: usprivacy Value: 1NNN

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.thenewsobserver.com/ Message: Access to script at 'https://adatoolbar.com/wp-json/onlineada/v1/accessibility-toolbar/e687213560c8b' from origin 'https://www.thenewsobserver.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://adatoolbar.com/wp-json/onlineada/v1/accessibility-toolbar/e687213560c8b Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: data:; script-src 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'unsafe-inline' https:; img-src 'unsafe-inline' https: data: blob:; font-src 'unsafe-inline' https: data:; media-src 'unsafe-inline' blob: https:; worker-src blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adatoolbar.com
api.cmp.inmobi.com
cdn-images.mailchimp.com
cdnres.willyweather.com
cmp.inmobi.com
cmp.quantcast.com
etypeproductionstorage1.blob.core.windows.net
region1.google-analytics.com
s3.amazonaws.com
securepubads.g.doubleclick.net
static.addtoany.com
www.google-analytics.com
www.googletagmanager.com
www.thenewsobserver.com
adatoolbar.com
104.196.37.2
151.101.131.52
18.66.122.114
20.150.38.36
2001:4860:4802:34::178
2001:4860:4802:34::36
2600:9000:275b:6400:1b:cadc:ef40:93a1
2606:4700:10::6816:46c5
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2002
3.123.135.87
52.217.164.240
52.59.163.183
06acb2aea0fb5bdca870ad4f2cfdd053236d5e275092a4313aa89c9f8e687b57
0d8aeb1194af285c9d5d22d5a3d8753994a823a7615ad515096e48d9531a564d
110eb4dfb826b81c95def8eda766eae762e3dd5fb7b260a394825c43db58f6db
1360031a1f3cd646e258d1a56afca50d3308a03cabafdda048a873d60d3f999d
1c72608664c08464243401421c479f40306405affdf4d81ce9d790c336149db7
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
2237e6621c26664d4820a35b42b04caa3cf38f5257169a9a88fbe55ded530b1e
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
2d68e964474991f19656a6d03de9690d625af240e0647395b915464d25539d7c
37f20168aa8b55188b6de54718e81af99d910de6890fee998e384ab3bec73b8b
3f534671568fe35349189914762706679cf8fd5e83b2cc8683800dfebc9f16b1
431b428df9a9cccde8d4de067400ee8fba8173e82787f3a05b5502d966b05d89
45f45cd0b237bbdc318f239e3b155fab98104b25161cc5e2dac55f2317b0b215
479869b8d6acf4973961042c49d4fcaa4f9efea38e8e9706e87cc8adf95b2698
55967d400d8bc0cc7d3264e1386fa6e190d61faf8be76babc8169609410aa419
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
567516e4008ebe94dfb88db09f6c275ed607cf0f4448eaf144ff87d322aee1e1
5aebed525f4f9673b537afc1ebb00205586bb9f3a0bd1ca666abc01ceb087aed
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f35e32c7f68087ef5f05cd02aa7b27a216a8a72963b1cec026cca3f64ad0bed
70eec2abbe7cdd2ad04df0c8937e235392a1c3ec5ed3659acdb9e75b14fb4bba
752d55c576fa27805d9277c3f5f06dab0d21620d765512218eb87ca82dedb2e1
7be1fe809cc5434c7bbc24713b8ed6dd2a448e0fc168c188128254336b384b28
7ee482b3719dd3328767f5b0b1e8aa69e9b91d8d9a384c1916d61ad8873bfda4
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
97d7832c4ce6e09c70b9daa26c79f189b45cf0b7b4075334470d1b1b8bf2418a
9f0ed9398c82c2e6f96b21cce740635068bd31a9062640c0b9ca7f871876fd93
9f567b263336e2885ed0d0fa89eee9bf4075660d0b338efac42e4357e760aa2e
a8261541cc25cff6e5bfdaf24188a89116c818c6b9ef5d03b3a6c2eb116e5fbf
ab309d4dbe24aa0f4a0e5e4d7aeec790196fbdda107857c4360508eb64d0a296
ac52aa47022e892411dd0d4c540b2caabac7e4f252b79cfd2294f27b5580b7f2
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b22f1d135e937eb0b200aecbe035cd646cb463146f027699d4895e5a18a9da8b
bb51a04331a8cc7c4a0d335b4b5ed921c4167fcc066fa5a90940b3e09866cc62
c5fb9773e1b7b1c8c078b650a644c6370a14d0e0ac67667d58ca8dbb027dcce3
c71b9f860fe9bac0f75a98fcb50dc1c4f77e59201ef22001131d3a1adc20fcb0
caf14f53c0e44d6e358de6fa00677c3403d6ce2a04e5674b6396ce70f9472b0a
cb9ee07812fe2b8ed07d22d915c97f8edc4928a97e8bcc88907b74e3c135b507
cc3534cb92be2761fe3c31ea4db7283a0e92cabedf9c0bb3d61444cd871421a4
d2478f53e1a7a4dc0e33dc1e914bf481dd2e533e71d9cdf5ca70e4a2b271440c
d4f3bd875cbfe52ae004c870d9a15089bd38c464a223835f441b4cce34e9bd32
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfdf0c64f9007815d3ead2b68031a4ffbc0c4bb3493424faf70fd1f75ec405db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
e7b894ba388346cf9db1fa06e70c6b95990a4e2615b10692d267205c42408815
eb35841304db034b53771e5503e8ab373da0298c2b1a48ac4ac60918fa49c622
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
fdc4ee72bcafb8ddf8249ca997ed2ec70a5ea402509cbecd59c51b0bf243353c

www.thenewsobserver.com Open in urlscan Pro 104.196.37.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

46 %IPv6

12 Domains

14 Subdomains

13 IPs

2 Countries

2120 kBTransfer

4242 kBSize

5 Cookies

10 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thenewsobserver.com Open in urlscan Pro
104.196.37.2 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

46 %
IPv6

12
Domains

14
Subdomains

13
IPs

2
Countries

2120 kB
Transfer

4242 kB
Size

5
Cookies

53 HTTP transactions
0 data transactions