www.nationalobserver.com Open in urlscan Pro
2606:4700:10::6816:4d72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&ut...
Effective URL:
https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&ut...
Submission: On November 29 via api (November 29th 2020, 5:18:18 pm UTC) from DE

Summary HTTP 77 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 77 HTTP transactions. The main IP is 2606:4700:10::6816:4d72, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nationalobserver.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2020. Valid for: a year.

This is the only time www.nationalobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	2606:4700:10:... 2606:4700:10::6816:4d72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
77	14

42 2606:4700:10::6816:4d72 (United States)

ASN13335 (CLOUDFLARENET, US)

www.nationalobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	nationalobserver.com www.nationalobserver.com	3 MB
8	googlesyndication.com 1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	171 KB
5	tinypass.com experience.tinypass.com cdn.tinypass.com id.tinypass.com buy.tinypass.com	130 KB
5	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	110 KB
4	google-analytics.com www.google-analytics.com	52 KB
3	googletagmanager.com www.googletagmanager.com	96 KB
2	facebook.com www.facebook.com	467 B
2	googletagservices.com www.googletagservices.com	57 KB
2	facebook.net connect.facebook.net	93 KB
2	google.com adservice.google.com www.google.com	803 B
1	google.ca adservice.google.ca	803 B
77	11

	Domain	Requested by
42	www.nationalobserver.com	www.nationalobserver.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	securepubads.g.doubleclick.net	www.nationalobserver.com securepubads.g.doubleclick.net
3	www.googletagmanager.com	www.nationalobserver.com www.googletagmanager.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.nationalobserver.com connect.facebook.net
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	connect.facebook.net	www.nationalobserver.com connect.facebook.net
2	experience.tinypass.com	www.nationalobserver.com cdn.tinypass.com
1	buy.tinypass.com	cdn.tinypass.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	id.tinypass.com	cdn.tinypass.com
1	www.google.com	securepubads.g.doubleclick.net
1	cdn.tinypass.com	experience.tinypass.com
1	1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ca	securepubads.g.doubleclick.net
77	18

This site contains links to these domains. Also see Links.

Domain
static.nationalobserver.com
zoom.us
www.youtube.com
national-observer.myshopify.com
www.vancouverobserver.com
canadianjournalism.ca
www.facebook.com
twitter.com
instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-03` - `2021-08-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
*.google.ca GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
Frame ID: 50F115D77FF9AE1086434BBE7F9F955F
Requests: 67 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudg7hviybxlmwZe4Z14kgsS_-cNhDnUxZTq6MAv-FCYgOKfB5zC9cAeikReTVYVZBJ7CcH7aZ0ZMXPyhMDPoCW6xXsAfN3RKaOsgUry_GMXHzg8Mcz4Olcg6rtwjJ12_vcAFbWlHt8aCW3yK_JiBpN2zZ-XeeWYbRYSTjSNm0q0WI2RhTY1IpzDrSAYOw5h7p-OIgAPMYRkB0MmIhOf8D8GM2rfyGpJSZFx-MDjcyDyHP0VxVvM4lJwofUWQo8z7M71l_cv_d7zRz0mcIOw_mAbdqGrQb_WQ&sai=AMfl-YQNX77iINbgL8QJEAxpFuhLYhjnZXkm3sZPSHWtUc86fSG_n6FNUxu0ihUYgVV_y3Cpn_AZGoBAJ3JaLBjWDKmXsUEYZAQrtOeeJr2nmZ9kp-a8H4y-l_GEzHe2v67q&sig=Cg0ArKJSzK8JF3DZE-tYEAE&adurl=
Frame ID: C618B5A7A33C3A99B53DD170E262CECD
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 446A5DA396255C4DCC5197B949374170
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OTNJXEEAPZNA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2RX2uDMBTFv0ueG8ifamPe3HDFjtqyla717VZTm6HRadSyse8-lXUw2MMgL8nvnHMvJx8IdIokir1T1279-6OPZqiCTO216sORMMIIphQzD1MxHkKwYBQfy1XwHhryUJxDUuYcp6CIB17qQiqU4HMQiQMe8AVnxOEODMHqWqlaK5OoKTo4iCheL1-Wj2H4iwZXlbRWl2aSUUGEMBmpm2E2IcxmOTnlvEs6-1oXF1q0xja__H7yY24uZb9TRZWDVXwRBZsnyre7VczcwXGB5saQtHWrZsh-3yfzZhetDkHgb-No7OXG9lBrMHaUmDbPZyiBogKdmeb20OlGTxx1-O8COe6f-bmP3LS-3m3Wb2r_nwJ1Nf4IECrnZyGpx6Qzp3Mp2cDaRtV-powdJGmRjPvaHEnqEnfhuK6gn18hwGsx7QEAAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I7e5S5x5zxmkQElWPShCJyhA-NpjEu-_1VTrlbkKxBH9rGpt8t7KwkvrU4v0PlnuYuC_KblM1wdu4fPzRK-YKyWI_itC3QthIaSuOoUGY3ciCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-6FIET&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3D2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2ba3445a0a-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-11-29-18-18-00-821-YoJEzIn0FmfI0ol3-dae09a9d6ad8e834a8c5a9a37320535a&visitId=v-2020-11-29-18-18-00-823-wS3fwN6drxBOMqeV-dae09a9d6ad8e834a8c5a9a37320535a&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=a8fb6a798f
Frame ID: CDCB7C839CA546E355A4745C927B9D34
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

77
Requests

99 %
HTTPS

92 %
IPv6

11
Domains

18
Subdomains

14
IPs

4
Countries

3512 kB
Transfer

5149 kB
Size

9
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://static.nationalobserver.com/digital-fractures?utm_source=website&utm_medium=home_cta&utm_campaign=regular&utm_content=button&utm_term=digital_fractures
Title: Download

Search URL Search Domain Scan URL

URL: https://static.nationalobserver.com/digital-fractures?piano_status=logged_in&utm_source=website&utm_medium=home_cta&utm_campaign=regular&utm_content=button&utm_term=digital_fractures_sub
Title: Download

Search URL Search Domain Scan URL

URL: https://zoom.us/webinar/register/WN_eMxaveNgRbuhkST5FFnvyg
Title: Reserve a place

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=OaFnZ2rt1hw
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=llM5wmZjJU4
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=zi6ae6kZNqE
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=eW6O_YbaVv4
Title: Watch recording

Search URL Search Domain Scan URL

URL: https://national-observer.myshopify.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.vancouverobserver.com/
Title: VO

Search URL Search Domain Scan URL

URL: https://canadianjournalism.ca/
Title: CCJ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nationalobserver

Search URL Search Domain Scan URL

URL: https://twitter.com/NatObserver

Search URL Search Domain Scan URL

URL: https://www.youtube.com/nationalobserver

Search URL Search Domain Scan URL

URL: https://instagram.com/natobserver/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/national-observer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.nationalobserver.com/ 81 KB
16 KB 1282ms
1252ms Document
text/html 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c16f78bc132dc119b6d058159f9c3005f8242f8b4849a05de640da47dca64caf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.nationalobserver.com
:scheme: https
:path: /?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:17:59 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d3fc3bcb5fe6eeedbd93906377869ac0f1606670278; expires=Tue, 29-Dec-20 17:17:58 GMT; path=/; domain=.nationalobserver.com; HttpOnly; SameSite=Lax
x-drupal-cache: MISS
x-content-type-options: nosniff
content-language: en
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-generator: Drupal 7 (http://drupal.org)
link: <https://www.nationalobserver.com/front>; rel="canonical",<https://www.nationalobserver.com/front>; rel="shortlink",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/favicon.ico>; rel="shortcut icon",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/icon-192x192.png>; rel="icon_192x192",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-iphone-114x114.png>; rel="apple-touch-icon-precomposed_114x114",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-ipad-144x144.png>; rel="apple-touch-icon-precomposed_144x144",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-ipad-152x152.png>; rel="apple-touch-icon-precomposed_152x152",<https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/icons/ios-iphone-180x180.png>; rel="apple-touch-icon-precomposed_180x180"
cache-control: public, max-age=300
expires: Sun, 19 Nov 1978 05:00:00 GMT
vary: Cookie,Accept-Encoding
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=63072000
last-modified: Sun, 29 Nov 2020 17:17:59 GMT
x-varnish: 21073696
age: 0
via: 1.1 varnish (Varnish/5.0)
x-varnish-cache: MISS
cf-cache-status: DYNAMIC
cf-request-id: 06b69bf80d00002bd64db1b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f9dfc39ad112bd6-FRA
content-encoding: br

GET
H2 200 proxima-nova-bold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/ 22 KB
22 KB 15ms
14ms Font
text/plain 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-bold/proxima-nova-bold.woff2

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:17:59 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5693
strict-transport-security: max-age=63072000
content-length: 22128
cf-request-id: 06b69bfd0300002bd6e0b9c000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011789 14480837
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5f9dfc419c0f2bd6-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 proxima-nova-regular.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/ 21 KB
21 KB 16ms
15ms Font
text/plain 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-regular/proxima-nova-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:17:59 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5693
strict-transport-security: max-age=63072000
content-length: 21700
cf-request-id: 06b69bfd0300002bd628304000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 29505681 24110464
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5f9dfc419c112bd6-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 proxima-nova-extrabold.woff2
www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/ 22 KB
22 KB 21ms
20ms Font
text/plain 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/fonts/proxima-nova/font/proxima-nova-extrabold/proxima-nova-extrabold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.nationalobserver.com
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:17:59 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5693
strict-transport-security: max-age=63072000
content-length: 22404
cf-request-id: 06b69bfd0400002bd64abea000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 29906689 23950002
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 5f9dfc419c122bd6-FRA
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ 15 KB
4 KB 14ms
14ms Stylesheet
text/css 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__65kM4zlaIyVDYAn2kAGrH4hfsmdne22qW3KPZz1uuzA__HIDE0arriNOGOnN-d84YmzH6Db3nFkIDTtbbGMvjZ-w__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2107660
cf-ray: 5f9dfc41ac142bd6-FRA
strict-transport-security: max-age=63072000
content-length: 3972
cf-request-id: 06b69bfd0400002bd6fbbee000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:17:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 20750402 23504547
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: text/css

GET
H2 200 css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__QiXGFEtcElqah49NtWSGf93cLO5_qVO73pRinGF6MWA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/ 214 KB
29 KB 16ms
15ms Stylesheet
text/css 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__QiXGFEtcElqah49NtWSGf93cLO5_qVO73pRinGF6MWA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

123ea2fb450da04593fedb8274edb89051037673e2612e90c4004e4c587c2d1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 235736
cf-ray: 5f9dfc41ac162bd6-FRA
strict-transport-security: max-age=63072000
content-length: 29922
cf-request-id: 06b69bfd0400002bd62ca94000000001
last-modified: Thu, 26 Nov 2020 23:29:41 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:17:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 31011787 31138745
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: text/css

GET
H2 200 js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__p0V6GaihwQowEzAD0a-CSmO4oW3HBgc1Y-iBcGiYId8__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 54 KB
18 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__p0V6GaihwQowEzAD0a-CSmO4oW3HBgc1Y-iBcGiYId8__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aabd982d50890426a2b555b88d870b2c7e9b2c93c7cc945561c813556603c97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 754617
cf-ray: 5f9dfc41ac182bd6-FRA
strict-transport-security: max-age=63072000
content-length: 18449
cf-request-id: 06b69bfd0500002bd6f185a000000001
last-modified: Fri, 20 Nov 2020 23:40:02 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:17:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 23588382
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 6 KB
2 KB 20ms
20ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__0HVHSq1HKO0cV1SD0I1hm4EfdUPrikm-yDiwQg8hsMQ__40YrL2aSiZmfap0peqfapAZpogiJynGBflb-zJ7vQQo__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1952101
cf-ray: 5f9dfc41cc772bd6-FRA
strict-transport-security: max-age=63072000
content-length: 2234
cf-request-id: 06b69bfd1b00002bd601240000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:17:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 238553
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 3 KB
1 KB 25ms
24ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__HuMlYbe9VM6ioIEqzbLN24SNkjHWISa7rXLvTEol6b0__AdhAFZ5QAk_VrKkFUOCnxJb9ANrhuWlKf15A7QHm14M__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 352713
cf-ray: 5f9dfc41cc9a2bd6-FRA
strict-transport-security: max-age=63072000
content-length: 1080
cf-request-id: 06b69bfd2100002bd60d86f000000001
last-modified: Thu, 15 Oct 2020 08:07:05 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:17:59 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 29306929
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 pubads_impl_2020111701.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 182ms
81ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__6NgjuVoigBzknb8S2rb0ijohEWjJW265Lt3GROCiQRY__p0V6GaihwQowEzAD0a-CSmO4oW3HBgc1Y-iBcGiYId8__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 09:43:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99766
x-xss-protection: 0
expires: Sun, 29 Nov 2020 17:18:00 GMT

GET
H2 200 lji_canada.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/ 103 KB
42 KB 863ms
862ms Image
image/svg+xml 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/maps/lji_canada.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 29 Nov 2020 17:18:00 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-ray: 5f9dfc42af132bd6-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06b69bfdaa00002bd630a2b000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011794
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 167 KB
58 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 235737
cf-ray: 5f9dfc43893a2bd6-FRA
strict-transport-security: max-age=63072000
content-length: 58590
cf-request-id: 06b69bfe3200002bd62714a000000001
last-modified: Thu, 26 Nov 2020 23:29:21 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 31235036 31268442
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 79 KB
22 KB 28ms
26ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__Jq-OeEoSxwKKsa6agvxFoVf16cmQ4O2SuyHioLSRnug__ii4xEx2h8Bux_I1upuUOV2JBiJOGW8RJV0TLQaT70DA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 235737
cf-ray: 5f9dfc43a9932bd6-FRA
strict-transport-security: max-age=63072000
content-length: 22203
cf-request-id: 06b69bfe4700002bd650853000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 29906692 23949604
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 8 KB
3 KB 17ms
15ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 235737
cf-ray: 5f9dfc43a9982bd6-FRA
strict-transport-security: max-age=63072000
content-length: 2871
cf-request-id: 06b69bfe4a00002bd62714e000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 31235038 24110414
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 24 KB
7 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__c_-bq4LKl0Z9t_k2kzeOw_YN4hUHeBZq9qjx7iC7uTI__zvBArVrAHvw2FfFmKP0epOKR6omrBA1dazT-SXbyEoE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 235737
cf-ray: 5f9dfc43a99c2bd6-FRA
strict-transport-security: max-age=63072000
content-length: 7105
cf-request-id: 06b69bfe4800002bd6e10e9000000001
last-modified: Thu, 26 Nov 2020 23:29:20 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 20149087 23949976
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js Show response
www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/ 31 KB
9 KB 15ms
14ms Script
application/javascript 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__sMS63duh3VzRUILRtqOmW35WVeDp-TxtPGhPQPTYP1g__JYl3-wE51W3FC9lSWf2TCTIoMk-HfEMSI4N-C3ptwo4__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: MISS
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 127324
cf-ray: 5f9dfc43a9a12bd6-FRA
strict-transport-security: max-age=63072000
content-length: 8727
cf-request-id: 06b69bfe4800002bd64fae1000000001
last-modified: Fri, 27 Nov 2020 02:10:44 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 32746801
via: 1.1 varnish (Varnish/5.0)
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 logo_header.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ 6 KB
3 KB 30ms
29ms Image
image/svg+xml 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/logo_header.svg

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__QiXGFEtcElqah49NtWSGf93cLO5_qVO73pRinGF6MWA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__QiXGFEtcElqah49NtWSGf93cLO5_qVO73pRinGF6MWA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:18:00 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6916
cf-ray: 5f9dfc43b9c32bd6-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06b69bfe4f00002bd602863000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 20149092 28765569
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 nhm-kern-river-oil-field_national-observer.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/10/13/ 428 KB
429 KB 70ms
67ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_header_full_size/public/img/2020/10/13/nhm-kern-river-oil-field_national-observer.jpg?itok=TqF2LReI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef4d60e25621d4182b242e0ac41f0a06d4f426c6a2f51cb54c5b19295f61eefc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:18:00 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2344
cf-polished: degrade=85, origSize=2009944, status=webp_bigger
cf-ray: 5f9dfc447c142bd6-FRA
strict-transport-security: max-age=63072000
content-length: 438728
cf-request-id: 06b69bfeea00002bd6f2312000000001
last-modified: Tue, 13 Oct 2020 23:05:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 33141676 33523228
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 kris_krug-file-photo-oilsands.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2017/11/27/ 530 KB
530 KB 1517ms
1514ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_top_story/public/img/2017/11/27/kris_krug-file-photo-oilsands.jpg?itok=SUiyUzB9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed8ed07619b312d41708e7aa95d3b3ba201cc9e42fb93c5bdeb029cdfa362da1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 542248
cf-request-id: 06b69bfed900002bd63b82a000000001
last-modified: Thu, 26 Nov 2020 13:14:55 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 33755099 27128562
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f9dfc447c182bd6-FRA

GET
H2 200 170815_-_orec_-_maurice-lapointe_school_solar_-_1.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/25/ 32 KB
32 KB 806ms
802ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/25/170815_-_orec_-_maurice-lapointe_school_solar_-_1.jpg?itok=zedabWJU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5073e3952365b72b48d52a325a04529b62c22208a4a49b35ef9257adadb89a7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:18:01 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=176646, status=webp_bigger
cf-ray: 5f9dfc447c1c2bd6-FRA
strict-transport-security: max-age=63072000
content-length: 32529
cf-request-id: 06b69bfed800002bd630a50000000001
last-modified: Fri, 27 Nov 2020 11:14:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 32842297 32096199
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 donald_trump_30020866713.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/12/ 15 KB
15 KB 1005ms
1002ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/12/donald_trump_30020866713.jpg?itok=aG_HvKl2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e3ccb7f8d5033dc9249e088468d550267c7b9197484d5169ab69fb132d5fdb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=113322
cf-ray: 5f9dfc447c1e2bd6-FRA
content-disposition: inline; filename="donald_trump_30020866713.webp"
vary: Accept
content-length: 14928
cf-request-id: 06b69bfee200002bd6e10fc000000001
last-modified: Fri, 13 Nov 2020 11:14:42 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 32983907 32876925
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 cropped_jhr_report_cover.png
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/24/ 58 KB
58 KB 820ms
817ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/24/cropped_jhr_report_cover.png?itok=93SNHYur

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2b46e852a38112961d10bfdd15393abaeef3e13f57ac30c627365eea42156c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=96149
cf-ray: 5f9dfc447c202bd6-FRA
content-disposition: inline; filename="cropped_jhr_report_cover.webp"
vary: Accept
content-length: 59578
cf-request-id: 06b69bfed900002bd64cb20000000001
last-modified: Wed, 25 Nov 2020 11:16:30 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 33494382 31369999
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 daybreak-strawn-outer-coast_n8a0372-sepia_ppt.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/04/29/ 28 KB
28 KB 74ms
71ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/04/29/daybreak-strawn-outer-coast_n8a0372-sepia_ppt.jpg?itok=5o9nj1Dy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c843f0359793ee8296a0c650e4b24d29982a08149e637da18189c8845fb66f8f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:18:00 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1965
cf-polished: degrade=85, origSize=140977, status=webp_bigger
cf-ray: 5f9dfc447c222bd6-FRA
strict-transport-security: max-age=63072000
content-length: 28895
cf-request-id: 06b69bfee700002bd6d8119000000001
last-modified: Thu, 30 Apr 2020 10:18:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 33457686 32328790
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 linda-01.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/ 17 KB
17 KB 847ms
815ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/linda-01.jpg?itok=2jgOmlkI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b55f5172a79c2853df80b2ad4c33eb3a30f77df8f3dd4f3a8edac0a8dec30d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=122205
cf-ray: 5f9dfc44ed9e2bd6-FRA
content-disposition: inline; filename="linda-01.webp"
vary: Accept
content-length: 17292
cf-request-id: 06b69bff1500002bd634a80000000001
last-modified: Wed, 09 Sep 2020 19:02:56 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 15720687 9437663
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 monika_bauerlein.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2020/10/20/ 173 KB
173 KB 1314ms
1281ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2020/10/20/monika_bauerlein.jpg?itok=27UrvHNS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a150fba4e753ee4fdb3cb7f3d8986632f727eb6267a5aabe505d2f9cdade026f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 176987
cf-request-id: 06b69bff1400002bd64a82b000000001
last-modified: Tue, 20 Oct 2020 18:06:49 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34315873 34315847
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f9dfc44eda12bd6-FRA

GET
H2 200 steven_katz.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2020/10/20/ 12 KB
12 KB 868ms
836ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/square_350/public/img/2020/10/20/steven_katz.jpg?itok=ZP8GwlIw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4414145b5b1dcba24d41e3bbb0e9d56fc45150e028df745adb67539f8979ff75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=142861
cf-ray: 5f9dfc44eda32bd6-FRA
content-disposition: inline; filename="steven_katz.webp"
vary: Accept
content-length: 12444
cf-request-id: 06b69bff1400002bd64cb2d000000001
last-modified: Tue, 20 Oct 2020 18:06:49 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 32494389 31496333
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 2020112815114-5fc2ad8d590d2f8327661283jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/29/ 99 KB
99 KB 1304ms
1273ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/29/2020112815114-5fc2ad8d590d2f8327661283jpeg.jpg?itok=759s8pyD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d889ac75224efc940a8acf0240412988f6aa70b28c8562d159a2f647049e2f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: MISS
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 101537
cf-request-id: 06b69bff2000002bd64a369000000001
last-modified: Sun, 29 Nov 2020 14:11:52 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34670262 34315853
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f9dfc44eda82bd6-FRA

GET
H2 200 20201127171136-5fc17fc65ae39b3ca7035b8fjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/28/ 8 KB
9 KB 850ms
819ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/28/20201127171136-5fc17fc65ae39b3ca7035b8fjpeg.jpg?itok=Y1eyMy-p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d59c8c91c6efcc143a7789a5a9c6a2c8e7f869850071d26e7d0b3b252308d96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=81369
cf-ray: 5f9dfc44edab2bd6-FRA
content-disposition: inline; filename="20201127171136-5fc17fc65ae39b3ca7035b8fjpeg.webp"
vary: Accept
content-length: 8628
cf-request-id: 06b69bff2000002bd64998e000000001
last-modified: Sat, 28 Nov 2020 14:51:42 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 33198070 33458945
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 2020112713118-6af0cfd7d7a186fa05044a81ec39deddf3e8dcab98ebcc795dc047e209bcde4a.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/ 5 KB
5 KB 861ms
830ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/2020112713118-6af0cfd7d7a186fa05044a81ec39deddf3e8dcab98ebcc795dc047e209bcde4a.jpg?itok=Mi8buG2j

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f493ff022632693bee90a65e3a25588b92d97f4bf763c06fe14bc36ea4940e4f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=40806
cf-ray: 5f9dfc44edb52bd6-FRA
content-disposition: inline; filename="2020112713118-6af0cfd7d7a186fa05044a81ec39deddf3e8dcab98ebcc795dc047e209bcde4a.webp"
vary: Accept
content-length: 4972
cf-request-id: 06b69bff2500002bd634a82000000001
last-modified: Sat, 28 Nov 2020 14:26:08 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 31057282 33458948
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 20201127151112-5fc15e2ef31580445766c5efjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/ 22 KB
22 KB 962ms
931ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/20201127151112-5fc15e2ef31580445766c5efjpeg.jpg?itok=mJomchQb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7ce9204d65cd63b4621a02d396860996af869894f6663a27dd91491b1fb6658

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=126165
cf-ray: 5f9dfc44edb62bd6-FRA
content-disposition: inline; filename="20201127151112-5fc15e2ef31580445766c5efjpeg.webp"
vary: Accept
content-length: 22328
cf-request-id: 06b69bff3100002bd623900000000001
last-modified: Fri, 27 Nov 2020 21:35:01 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 32209781 33458951
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 200318_justintrudeau_rideaucottage_0005.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/ 159 KB
160 KB 1681ms
1651ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/200318_justintrudeau_rideaucottage_0005.jpg?itok=a0aPKa4F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a163af79f592d9b3dd25a2735ecb8b71097d5073dc89b5c4b4136d04ab50598b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 163212
cf-request-id: 06b69bff1f00002bd635a00000000001
last-modified: Fri, 27 Nov 2020 21:21:38 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34315879 34315859
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f9dfc44edb92bd6-FRA

GET
H2 200 20201125141144-5fbeb4a4f315804457654d44jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ 84 KB
85 KB 1305ms
1275ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/20201125141144-5fbeb4a4f315804457654d44jpeg.jpg?itok=UtoGxN_v

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b8e103e45f98a1107bc875600134b27bb9ce5c7a285bd91a8581628c74c32d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 86516
cf-request-id: 06b69bff2000002bd60aa01000000001
last-modified: Fri, 27 Nov 2020 14:01:45 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 24813278 34542252
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f9dfc44edba2bd6-FRA

GET
H2 200 20201126131136-5fbff652f31580445765fd2cjpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ 81 KB
82 KB 1142ms
1112ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/20201126131136-5fbff652f31580445765fd2cjpeg.jpg?itok=hnyxITGN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8385ce67720ee99c27a01db9a07832d4dd7626bc5e3ae6f70be61de4706e155

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 83395
cf-request-id: 06b69bff2400002bd65086e000000001
last-modified: Fri, 27 Nov 2020 13:56:20 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 21291093 34315862
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f9dfc44edbd2bd6-FRA

GET
H2 200 20201126151112-5fc00c3b590d2f8327650265jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/ 10 KB
11 KB 896ms
867ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/20201126151112-5fc00c3b590d2f8327650265jpeg.jpg?itok=3Ex_4oWV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3ef23306f9d14149279ab694ab30e2e44535964860a4d1cc373022a60f31fda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=84146
cf-ray: 5f9dfc44edbe2bd6-FRA
content-disposition: inline; filename="20201126151112-5fc00c3b590d2f8327650265jpeg.webp"
vary: Accept
content-length: 10654
cf-request-id: 06b69bff1f00002bd6e62f7000000001
last-modified: Fri, 27 Nov 2020 13:51:05 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 31400717 30307589
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 logo_footer.svg
www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/ 6 KB
3 KB 38ms
36ms Image
image/svg+xml 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/profiles/natobs/themes/custom/nat/img/no_logos/logo_footer.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_css/css__-F-28WDUJfuhSiGMCRLWOtsNrqhOYEPnxe5S_SHxHqE__QiXGFEtcElqah49NtWSGf93cLO5_qVO73pRinGF6MWA__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:18:00 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6905
cf-ray: 5f9dfc44fdc02bd6-FRA
strict-transport-security: max-age=63072000
content-encoding: br
cf-request-id: 06b69bff1f00002bd6d811f000000001
last-modified: Thu, 26 Nov 2020 19:22:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 31011806 31235028
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
content-type: image/svg+xml
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 20201126121128-5fbfe64a0af484b630d854f4jpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/ 83 KB
83 KB 1293ms
1291ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/27/20201126121128-5fbfe64a0af484b630d854f4jpeg.jpg?itok=T1W7g4WM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75dfffc8811d68a50aa3d739fb37f00646a3193db5a249416df7ed0dec3f1d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 84490
cf-request-id: 06b69bff3900002bd6f231f000000001
last-modified: Fri, 27 Nov 2020 13:40:50 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34315876 34542261
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f9dfc451e3e2bd6-FRA

GET
H2 200 2020111620114-5fb3219e0b0a55c2169526bajpeg.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/17/ 11 KB
11 KB 873ms
871ms Image
image/webp 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/17/2020111620114-5fb3219e0b0a55c2169526bajpeg.jpg?itok=7Y3NySRX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1156a8cd64894cd8317de15e14d9d396578d9790b64ea5fd6313276469a53c42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=93185
cf-ray: 5f9dfc451e482bd6-FRA
content-disposition: inline; filename="2020111620114-5fb3219e0b0a55c2169526bajpeg.webp"
vary: Accept
content-length: 11316
cf-request-id: 06b69bff3200002bd649992000000001
last-modified: Fri, 27 Nov 2020 13:34:35 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
x-varnish: 31757682 8976112
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 nov_27-20_collage.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ 147 KB
148 KB 1254ms
1252ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/nov_27-20_collage.jpg?itok=N0S68kGH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4beacda92c3035631a1727817999f1e5fd7f803f803e6803475f9a2b6ff44571

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 150840
cf-request-id: 06b69bff3500002bd60d8b0000000001
last-modified: Fri, 27 Nov 2020 11:17:59 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 33597328 34542258
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f9dfc451e4b2bd6-FRA

GET
H2 200 brian-yurasits-yfihay2dvye-unsplash_0.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/ 110 KB
110 KB 1099ms
1098ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/11/26/brian-yurasits-yfihay2dvye-unsplash_0.jpg?itok=YxK8dXsB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08a10ec891b85f1162061831678d1330ecc25375124e497d6a43d05401487d3d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 112535
cf-request-id: 06b69bff3000002bd627170000000001
last-modified: Fri, 27 Nov 2020 11:16:48 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34670259 27128574
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f9dfc451e4c2bd6-FRA

GET
H2 200 crop_fraser_macdonald_prawn_mfa.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/11/23/ 302 KB
302 KB 1440ms
1439ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser_large/public/img/2020/11/23/crop_fraser_macdonald_prawn_mfa.jpg?itok=7pIPLFV2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4068cadadb33cb8fcc9bb0a8499c93614b4f9943281313a55a2d3108b1855351

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
content-security-policy: upgrade-insecure-requests;
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-type: image/jpeg
strict-transport-security: max-age=63072000
content-length: 308895
cf-request-id: 06b69bff3500002bd630a63000000001
last-modified: Wed, 25 Nov 2020 13:38:58 GMT
server: cloudflare
date: Sun, 29 Nov 2020 17:18:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 33755102 34542264
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5f9dfc451e4e2bd6-FRA

GET
H2 200 resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/ 36 KB
36 KB 815ms
814ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2019/11/01/resized-satelllite_-_image_4_-_ghg_-_sensor_-_leo_2_002.jpg?itok=_-yTTlhZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fc9efbd7e62f925da9298da7d58262e218a4698a6b5f2f46a6b09f7e963b6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:18:01 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=191635, status=webp_bigger
cf-ray: 5f9dfc451e522bd6-FRA
strict-transport-security: max-age=63072000
content-length: 36552
cf-request-id: 06b69bff3400002bd627171000000001
last-modified: Tue, 05 Nov 2019 01:58:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 30670940 26669953
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 bugaboo_creek_clearcut.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ 31 KB
32 KB 878ms
877ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/bugaboo_creek_clearcut.jpg?itok=dENkuCMc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:18:01 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=144624, status=webp_bigger
cf-ray: 5f9dfc451e552bd6-FRA
strict-transport-security: max-age=63072000
content-length: 32128
cf-request-id: 06b69bff4300002bd60aa05000000001
last-modified: Mon, 26 Oct 2020 12:52:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 8956597 30281883
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
45 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__9Dyd-fwxZ7oMH5MbaoCOKCADnhvouFdMwSw8XaZPpzw__8UaUa8dH70EmVutbPdVpk05Bd1Paov93TS0FM81CAZU__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

767fc87068fa115f4b331a14ed3005d1bb71d54cdb0684f5ac104da6d34d4943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46278
x-xss-protection: 0
last-modified: Sun, 29 Nov 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Nov 2020 17:18:00 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 78ms
29ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=Z9bvuPACYA

Requested by

Host: www.nationalobserver.com
URL: https://www.nationalobserver.com/sites/nationalobserver.com/files/advagg_js/js__drBntGipoEDHhAASZjSa3VmJSsxTjXyTzp58fKGniPo__mFnendQQxsmJHufyCu_ODVQkaSoA8zl-DRJ-O1AasAE__5Pg3yH6pv9HzYACsd8fULt4n52LF-2fhO3T0oHDqon4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 22
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06b69bff760000d725353ad000000001
x-request-id: Cepikkq3hwk
wn: prod-exp-10-0-127-123
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 5f9dfc458858d725-FRA
expires: Sun, 29 Nov 2020 17:48:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 109 B
803 B 48ms
17ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.nationalobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 34ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nationalobserver.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
12 KB 175ms
110ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2522209313313796&correlator=168884993955337&output=ldjh&impl=fifs&eid=21067590%2C21068418%2C21068812&vrg=2020111701&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201129&iu_parts=1086440%2Cnatobs_main_body_bottom%2Cnatobs_main_body_middle%2Cnatobs_main_body_top&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3&prev_iu_szs=970x250%7C728x90%2C970x250%7C728x90%2C970x250%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1606670279&dt=1606670280679&dlt=1606670279935&idt=313&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C315&adys=4298%2C3639%2C1813&adks=2171609318%2C1768474810%2C3015429365&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2ba3445a0a-277178234&dssz=24&icsg=3927039&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250%7C1600x250%7C1600x250&msz=1600x250%7C1600x250%7C1600x250&ga_vid=668852753.1606670281&ga_sid=1606670281&ga_hid=1673583181&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

7c1add8c543fe26d7e21eaa15943306439b6cd0dc4310e77355db300794ee7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11371
x-xss-protection: 0
google-lineitem-id: 5335774932,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138329142861,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 79ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 img_9448.jpg
www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/ 30 KB
30 KB 893ms
893ms Image
image/jpeg 2606:4700:10::6816:4d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nationalobserver.com/sites/nationalobserver.com/files/styles/nat_teaser/public/img/2020/10/23/img_9448.jpg?itok=-hBaZ1RN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Sun, 29 Nov 2020 17:18:01 GMT
via: 1.1 varnish (Varnish/5.0)
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: degrade=85, origSize=141104, status=webp_bigger
cf-ray: 5f9dfc4669be2bd6-FRA
strict-transport-security: max-age=63072000
content-length: 30428
cf-request-id: 06b69c000000002bd6f91fb000000001
last-modified: Fri, 23 Oct 2020 16:37:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 29436800 26925606
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: imgq:85,h2pri

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 393 KB
124 KB 18ms
16ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=Z9bvuPACYA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

152e0dd9b47d9104caf63768507e9931a874ef264d661c987a8f34752c36cbc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06b69c00040000d7254d3e6000000001
wn: prod-dash-10-0-133-182
last-modified: Thu, 26 Nov 2020 13:57:24 GMT
server: cloudflare
etag: W/"402512-1606399044000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 5f9dfc466a22d725-FRA
expires: Sun, 29 Nov 2020 17:23:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TNN7SJH0J9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f3c1dcaadae4cac8e255c157dfa9c3d28b97f5f2831eeba99ea1da334f4e728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51842
x-xss-protection: 0
expires: Sun, 29 Nov 2020 17:18:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2JMB7M

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5319
date: Sun, 29 Nov 2020 15:49:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 29 Nov 2020 17:49:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-trip-id: 664085054
pragma: public
x-fb-debug: 3EBe+cL8mZYwZlWoCVF9XZpj0PQE/7ZyaOpup7fpmJTlieXDrbJUzxd/Fk02wMwe9ePCgfTO3LbRheMy9d4Ptg==
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
date: Sun, 29 Nov 2020 17:18:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 84 KB
33 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WFJVCJJ&t=gtm2&cid=668852753.1606670281

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4ace00bc3d94626ea0e9629ce3a0a401bdd23a1eaf1654c100cf4a7bbd47a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34189
x-xss-protection: 0
last-modified: Sun, 29 Nov 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 29 Nov 2020 17:18:00 GMT

GET
H2 200 161351677799122 Show response
connect.facebook.net/signals/config/ 238 KB
70 KB 50ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/161351677799122?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: bWAFtRPHYMG7of5IUxCbHq1EF00rEcgyxL3QWCv14oXCMrlLlt0L94PIeBnVtlZyz/6aRGNwRJKbPfB/8/Abww==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sun, 29 Nov 2020 17:18:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1747440604
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
45 B 14ms
14ms Other
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TNN7SJH0J9&gtm=2oeb41&_p=1673583181&sr=1600x1200&ul=en-us&cid=668852753.1606670281&_s=1&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2ba3445a0a-277178234&dr=&dt=Home%20%7C%20National%20Observer&sid=1606670280&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TNN7SJH0J9&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 17:18:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C618 0
0 72ms
72ms Fetch
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudg7hviybxlmwZe4Z14kgsS_-cNhDnUxZTq6MAv-FCYgOKfB5zC9cAeikReTVYVZBJ7CcH7aZ0ZMXPyhMDPoCW6xXsAfN3RKaOsgUry_GMXHzg8Mcz4Olcg6rtwjJ12_vcAFbWlHt8aCW3yK_JiBpN2zZ-XeeWYbRYSTjSNm0q0WI2RhTY1IpzDrSAYOw5h7p-OIgAPMYRkB0MmIhOf8D8GM2rfyGpJSZFx-MDjcyDyHP0VxVvM4lJwofUWQo8z7M71l_cv_d7zRz0mcIOw_mAbdqGrQb_WQ&sai=AMfl-YQNX77iINbgL8QJEAxpFuhLYhjnZXkm3sZPSHWtUc86fSG_n6FNUxu0ihUYgVV_y3Cpn_AZGoBAJ3JaLBjWDKmXsUEYZAQrtOeeJr2nmZ9kp-a8H4y-l_GEzHe2v67q&sig=Cg0ArKJSzK8JF3DZE-tYEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Nov 2020 17:18:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Nov 2020 17:18:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/ Frame C618 18 KB
8 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201112/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80412b3870c5b5349ad52d6393130fe405055e16560a3398a03c9b85302ef320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 14:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7327
x-xss-protection: 0
server: cafe
etag: 4109265994257346226
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Dec 2020 14:52:14 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/client/ Frame C618 3 KB
1 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201112/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 14:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1336
x-xss-protection: 0
server: cafe
etag: 4033927919502905291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Dec 2020 14:55:33 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C618 75 KB
29 KB 62ms
39ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Sun, 29 Nov 2020 17:18:00 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C618 0
0 35ms
20ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIqH_roPPXIjNSPMr5aBz1WGED27KjLF5mYCpLANpYLqdGj3B2XLVDMZQ-m27dORbZjBGv
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 7203356235343914538
tpc.googlesyndication.com/simgad/ Frame C618 148 KB
149 KB 33ms
11ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7203356235343914538

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19bba8d185eca379da27ef3c84b7706737bc31eed5196e8dd80daffc622284ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 28 Nov 2020 21:58:31 GMT
x-content-type-options: nosniff
age: 69569
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152002
x-xss-protection: 0
last-modified: Tue, 03 Nov 2020 23:33:46 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Nov 2021 21:58:31 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Sun, 29 Nov 2020 17:18:00 GMT

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 208 B
995 B 164ms
157ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery112404790889260858142_1606670280799&client_id=Z9bvuPACYA&token=&site=https%3A%2F%2Fwww.nationalobserver.com&_=1606670280800

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e54fc0ecd34ff85684882c25c1b1b0669beb6bc77685cc9218e3c23cd72e253

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06b69c00d40000d7254c8ac000000001
x-request-id: C1qikkqQQMG
pragma: no-cache
wn: prod-id-10-0-115-57
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.004
cf-ray: 5f9dfc47bcaad725-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 33ms
33ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1673583181&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2ba3445a0a-277178234&ul=en-us&de=UTF-8&dt=Home%20%7C%20National%20Observer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAEADQAAAAC~&jid=204278015&gjid=9544732&cid=668852753.1606670281&tid=UA-59182232-1&_gid=1584306640.1606670281&_r=1&gtm=2wgb41K2JMB7M&z=1805500655

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 17:18:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
378 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=161351677799122&ev=PageView&dl=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%2BObserver%26utm_campaign%3D2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2ba3445a0a-277178234&rl=&if=false&ts=1606670280979&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1606670280977.1383872669&it=1606670280866&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 29 Nov 2020 17:18:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
427 B 41ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-59182232-1&cid=668852753.1606670281&jid=204278015&gjid=9544732&_gid=1584306640.1606670281&_u=aCjAAEACQAAAAC~&z=1031363939

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 29 Nov 2020 17:18:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C618 0
45 B 74ms
73ms Image
image/gif 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRdof8UPin5Vh1DA7hOiP2TohH0PAghFsEFlarNZa8z6QmHRmJRNlwsPstTrJDDSioBQa070wWD_mgVBf1ZXVVvat2QT8A2xXeklOTJQF8CUc799eq8DCHzq_bZ2fTyylkC18VHlNs5k9NbcFbAOLP3uX3sAZs3vWuqzRhcxNJWPv804FPQCkDmujd6DC3z-uCOkE1S0UWdoOH-sVmu0kb1lqO0tZ_j4gy-eo5XXZ1S9QbUuayyWqyCaM1NKYhYUcw3g5Ez48KF965mL7DXYIeOuyrqeqTvbCE&sai=AMfl-YRjhinIPkZgAkcj7179Zzxjdbd-nIkMlHPgLxW3df3Y0RCB8N6jk9T6WoqJTw5XH30mB4ajxLrraNTVXkzsK23ekjRrizknr4AHdnLOPRrZbnFSyYqdlMLz7v2f-Phl&sig=Cg0ArKJSzE2BjmBqZmImEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Nov 2020 17:18:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C618 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b79b59ce6735ed87bf7dd861713e0df57195f01ceb5fa705ffe01097bb357a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 7 KB
3 KB 274ms
274ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=Z9bvuPACYA

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e1db0b480cd6f32641c3955cdc656a829ef134c57b657e9e8025e3372f00ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 29 Nov 2020 17:18:01 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 06b69c01820000d7252a07d000000001
x-request-id: C1qikkq7mIM
pragma: no-cache
wn: prod-exp-10-0-132-94
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.nationalobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5f9dfc48ce8dd725-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
18ms XHR
application/json 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed7c9a9ddadb8412db54edda9350894ec8df7a78ab7ea366d3ab9492a18b4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Nov 2020 17:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6444
x-xss-protection: 0

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
95 B 15ms
14ms Image
image/gif 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WFJVCJJ&cv=24&t=ol&g=133&p=gtm&l=426&q=852&f=27&e=99&i=29&d=405&c=510&hc=0&sr=0.050000&ps=0.020097729469791048&cb=1136041758

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 17:18:01 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 67ms
53ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 17:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sun, 29 Nov 2020 17:18:01 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 446A 0
0 7ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sun, 29 Nov 2020 16:41:00 GMT
expires: Mon, 29 Nov 2021 16:41:00 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2221
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show
buy.tinypass.com/checkout/template/ Frame CDCB 0
0 190ms
187ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OTNJXEEAPZNA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2RX2uDMBTFv0ueG8ifamPe3HDFjtqyla717VZTm6HRadSyse8-lXUw2MMgL8nvnHMvJx8IdIokir1T1279-6OPZqiCTO216sORMMIIphQzD1MxHkKwYBQfy1XwHhryUJxDUuYcp6CIB17qQiqU4HMQiQMe8AVnxOEODMHqWqlaK5OoKTo4iCheL1-Wj2H4iwZXlbRWl2aSUUGEMBmpm2E2IcxmOTnlvEs6-1oXF1q0xja__H7yY24uZb9TRZWDVXwRBZsnyre7VczcwXGB5saQtHWrZsh-3yfzZhetDkHgb-No7OXG9lBrMHaUmDbPZyiBogKdmeb20OlGTxx1-O8COe6f-bmP3LS-3m3Wb2r_nwJ1Nf4IECrnZyGpx6Qzp3Mp2cDaRtV-powdJGmRjPvaHEnqEnfhuK6gn18hwGsx7QEAAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I7e5S5x5zxmkQElWPShCJyhA-NpjEu-_1VTrlbkKxBH9rGpt8t7KwkvrU4v0PlnuYuC_KblM1wdu4fPzRK-YKyWI_itC3QthIaSuOoUGY3ciCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-6FIET&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3D2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2ba3445a0a-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-11-29-18-18-00-821-YoJEzIn0FmfI0ol3-dae09a9d6ad8e834a8c5a9a37320535a&visitId=v-2020-11-29-18-18-00-823-wS3fwN6drxBOMqeV-dae09a9d6ad8e834a8c5a9a37320535a&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=a8fb6a798f

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/show?displayMode=inline&containerSelector=%23site-broadcast-inner&templateId=OTNJXEEAPZNA&offerId=fakeOfferId&showCloseButton=false&trackingId=%7Bjcx%7DH4sIAAAAAAAAAI2RX2uDMBTFv0ueG8ifamPe3HDFjtqyla717VZTm6HRadSyse8-lXUw2MMgL8nvnHMvJx8IdIokir1T1279-6OPZqiCTO216sORMMIIphQzD1MxHkKwYBQfy1XwHhryUJxDUuYcp6CIB17qQiqU4HMQiQMe8AVnxOEODMHqWqlaK5OoKTo4iCheL1-Wj2H4iwZXlbRWl2aSUUGEMBmpm2E2IcxmOTnlvEs6-1oXF1q0xja__H7yY24uZb9TRZWDVXwRBZsnyre7VczcwXGB5saQtHWrZsh-3yfzZhetDkHgb-No7OXG9lBrMHaUmDbPZyiBogKdmeb20OlGTxx1-O8COe6f-bmP3LS-3m3Wb2r_nwJ1Nf4IECrnZyGpx6Qzp3Mp2cDaRtV-powdJGmRjPvaHEnqEnfhuK6gn18hwGsx7QEAAA&experienceId=EX8NZMGWGKII&tbc=%7Bjzx%7Di4cQEliGphDucRXKRMu_I7e5S5x5zxmkQElWPShCJyhA-NpjEu-_1VTrlbkKxBH9rGpt8t7KwkvrU4v0PlnuYuC_KblM1wdu4fPzRK-YKyWI_itC3QthIaSuOoUGY3ciCVG_RXn-uiONfDaQYYJiQw&iframeId=offer-0-6FIET&url=https%3A%2F%2Fwww.nationalobserver.com%2F%3Futm_source%3DNational%252BObserver%26utm_campaign%3D2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01%26utm_medium%3Demail%26utm_term%3D0_cacd0f141f-2ba3445a0a-277178234&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=Z9bvuPACYA&tags=front&zone=public&pageViewId=2020-11-29-18-18-00-821-YoJEzIn0FmfI0ol3-dae09a9d6ad8e834a8c5a9a37320535a&visitId=v-2020-11-29-18-18-00-823-wS3fwN6drxBOMqeV-dae09a9d6ad8e834a8c5a9a37320535a&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%22_pc_nat_brief%22%3A%22nosub%22%7D&hasLoginRequiredCallback=true&width=1600&_qh=a8fb6a798f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234

Response headers

date: Sun, 29 Nov 2020 17:18:01 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
expires: Wed, 31 Dec 1969 18:00:00 CST
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.013
set-cookie: LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-142-21
x-forwarded-https: on
x-request-id: C1qikkqIC5E
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-request-id: 06b69c02b20000d725102c9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f9dfc4aba24d725-FRA
content-encoding: br

POST
H2 200 /
www.facebook.com/tr/ 0
89 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryuefCRHitzp1xfyt1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 29 Nov 2020 17:18:01 GMT
content-type: text/plain
access-control-allow-origin: https://www.nationalobserver.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 17ms
17ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111701&jk=2522209313313796&bg=!0tGl0fHNAAUoamvQKFgwN_B8M8NCSAIAAADoUgAAABNoAQcKAR5HcoN0VnEcgFQF4pYZa6QRGQGMVtqwpXGnWQxBnU-LKMaI7-j3lun2y-lTUyoKM8XrJoDCbF8RZf39n0KWBYJF3PYrAEeQ9PxOGptPGlWRz_1ZVUNVMzGQyhLVs-odDh0irGiO-HRYjK0QidsnwCyW4qSYfXRG-Y-MX4bqQdfjnvwQOr4sOlA0QYn4zpUu1XOVKctBhNpENZ0dCqQmfkTecp9tl-SDi7gcXEMGpPw7eNlZLUMaV1Tv5j6x8oWIVSCmRF8IHD3lz2x3wt8SRhjTepDWSeVM00lsRw0TAkJEcKsxma0Lorjm6bMMEpoAul2Ms3HhTNqAKfd_YR_JVYDlZkOGgM8oZ9o7CSm5w-T8NRj9Eb2JkRYR58XEIPWOmQHBEc7WFGww881gwhQhUF3BmH7_QUfAS75uOvv_8Cq7DNmJMEjnjYDYeawOo_FEno5TqQsIQboco02RLyKiGokvbVYQVsPCtXZdGYUQEWl4GBmDZsC3H2h27OVVVvLeMooJThz01br4SQ7Ro8Obm_Wgi4e2is6HSjGznV2_1m6RVBOEskPaE5HIoRkGo9jV6WxQD9bE8DcFWSzNjsqD8QbQTjukIM5ikpiR0hy_FXGVp6YoDEPt-Y_HDIf-v7EIlwFOE_fvCAr9ixWxAJ7SfoT4fwUN-3QgvRIiWB9OLDsX1Os_Bqrzns0U_UO6vj7BEcvb3ncWJlDorQ6CP0CgnkFDPfsezgzqhQyewqdrbxnj0wNUq5JLw3YM96AVcsreOo863yyBoul6aXdJ28VV_itR1pg8XeGwHQlvPUE2jThgNvcLGmoY0ICzF-2afO-iap74u50bJ_5OqB5uu7F6QDOobpNem4mBNP2dPYhYSX7i7R8lEkx_cmsI7PEBONpM4WrAeftAzN8QsNJul-o0jt5RyYMYJzimAa-Y1AZZ1kWUD20_OTK8_4gO_kXvj_VKx_c1KwP4db6ruA15wUSxu1keqJ4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nationalobserver.com/?utm_source=National+Observer&utm_campaign=2ba3445a0a-EMAIL_CAMPAIGN_2020_11_26_05_22_COPY_01&utm_medium=email&utm_term=0_cacd0f141f-2ba3445a0a-277178234
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Nov 2020 17:18:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nationalobserver.com/	1970-01-19 14:17:50	Name: _gat_UA-59182232-1 Value: 1
.nationalobserver.com/	1970-01-20 07:49:02	Name: _ga Value: GA1.2.668852753.1606670281
.nationalobserver.com/	1970-01-19 23:39:26	Name: __gads Value: ID=eeb25752396ef2de-22b3e1fd7da600fc:T=1606670280:S=ALNI_Mbl8V8tzebCeX08NUEjmjNvH-cTbQ
www.nationalobserver.com/	1969-12-31 23:59:59	Name: has_js Value: 1
www.nationalobserver.com/	1969-12-31 23:59:59	Name: _pc_nat_brief Value: nosub
.nationalobserver.com/	1970-01-19 14:19:16	Name: _gid Value: GA1.2.1584306640.1606670281
.nationalobserver.com/	1970-01-20 07:49:02	Name: _ga_TNN7SJH0J9 Value: GS1.1.1606670280.1.0.1606670280.0
.nationalobserver.com/	1970-01-19 16:27:26	Name: _fbp Value: fb.1.1606670280977.1383872669
.nationalobserver.com/	1970-01-19 15:01:02	Name: __cfduid Value: d3fc3bcb5fe6eeedbd93906377869ac0f1606670278

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d25408719c97b852df66f840b54cd1e.safeframe.googlesyndication.com
adservice.google.ca
adservice.google.com
buy.tinypass.com
cdn.tinypass.com
connect.facebook.net
experience.tinypass.com
id.tinypass.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nationalobserver.com
172.217.18.162
2606:4700:10::6816:4d72
2606:4700::6811:bab1
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2001
2a00:1450:4001:817::2008
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:820::2001
2a00:1450:4001:820::2002
2a00:1450:400c:c0c::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08a10ec891b85f1162061831678d1330ecc25375124e497d6a43d05401487d3d
0aabd982d50890426a2b555b88d870b2c7e9b2c93c7cc945561c813556603c97
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1131af27c283cb6f61de27b239a8d6228c28cc8069cde3027461fd4b70d5c138
1156a8cd64894cd8317de15e14d9d396578d9790b64ea5fd6313276469a53c42
123ea2fb450da04593fedb8274edb89051037673e2612e90c4004e4c587c2d1b
152e0dd9b47d9104caf63768507e9931a874ef264d661c987a8f34752c36cbc2
19bba8d185eca379da27ef3c84b7706737bc31eed5196e8dd80daffc622284ec
1e54fc0ecd34ff85684882c25c1b1b0669beb6bc77685cc9218e3c23cd72e253
1f3c1dcaadae4cac8e255c157dfa9c3d28b97f5f2831eeba99ea1da334f4e728
2b79b59ce6735ed87bf7dd861713e0df57195f01ceb5fa705ffe01097bb357a9
35c1498a19d58b40939270e89449be0bc4b2e34fe479472e3440b6b0b4218c5d
39fc9efbd7e62f925da9298da7d58262e218a4698a6b5f2f46a6b09f7e963b6f
3f60c0a6768f0d5747867595475c0c20f9887ceb69377168f7c55d662b2e8e19
4068cadadb33cb8fcc9bb0a8499c93614b4f9943281313a55a2d3108b1855351
4414145b5b1dcba24d41e3bbb0e9d56fc45150e028df745adb67539f8979ff75
44e56ef0e5dd6e0abfe0af2bd8463e1ce174576747f7a71980b4559fea97fa50
4beacda92c3035631a1727817999f1e5fd7f803f803e6803475f9a2b6ff44571
5073e3952365b72b48d52a325a04529b62c22208a4a49b35ef9257adadb89a7d
51e6a1eb76090d767aea13195574090d0373416a20c296eb50bf17308b5c6d64
5d59c8c91c6efcc143a7789a5a9c6a2c8e7f869850071d26e7d0b3b252308d96
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
69b116c12bbdb23eab4b5600fb5e071a12c5d47494c7a600ffacc4ffa4cd44aa
6b55f5172a79c2853df80b2ad4c33eb3a30f77df8f3dd4f3a8edac0a8dec30d8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d540f8521319ab916fcf16182e5be0d0eb62dfbd6d9438ef7ed1a22044eebd9
767fc87068fa115f4b331a14ed3005d1bb71d54cdb0684f5ac104da6d34d4943
7798f3947141f95f35a6890c5e7df7eb25c4097e92a2f8fc813963ce37aa58cd
7c1add8c543fe26d7e21eaa15943306439b6cd0dc4310e77355db300794ee7d2
80412b3870c5b5349ad52d6393130fe405055e16560a3398a03c9b85302ef320
80f2a7af0c25c90ed812cffff00ffe37d31805d48b4b545f2eb7f8639dd1ca6d
8b8e103e45f98a1107bc875600134b27bb9ce5c7a285bd91a8581628c74c32d7
8e516b37314d7d5e77025c54027e4d966584ed7333d6332cbbfa6d187b9ff9e9
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
9d889ac75224efc940a8acf0240412988f6aa70b28c8562d159a2f647049e2f7
9e1db0b480cd6f32641c3955cdc656a829ef134c57b657e9e8025e3372f00ea8
9e3ccb7f8d5033dc9249e088468d550267c7b9197484d5169ab69fb132d5fdb5
a150fba4e753ee4fdb3cb7f3d8986632f727eb6267a5aabe505d2f9cdade026f
a163af79f592d9b3dd25a2735ecb8b71097d5073dc89b5c4b4136d04ab50598b
a8385ce67720ee99c27a01db9a07832d4dd7626bc5e3ae6f70be61de4706e155
ae2af53b4a4312771ab7cf472e4968b1bb13957cc20434d635485afc9c074d2c
b7ce9204d65cd63b4621a02d396860996af869894f6663a27dd91491b1fb6658
b8b76f4f8d7be014961358274f5002a23afa8a794499a5f0346745a7a3ff0795
bcc7fe73b7500d838a58d1b908da476364bb087b453f5f4d0b2c374b849e446e
beda2da2b2330d393ebe11f55360dfdc1fde838ab3a8f63b0cd540752d80f9a4
c16f78bc132dc119b6d058159f9c3005f8242f8b4849a05de640da47dca64caf
c3fc334e19b3509707d7676c747ef6f0cd0842e9b485189d13eb3512fdd53fe0
c843f0359793ee8296a0c650e4b24d29982a08149e637da18189c8845fb66f8f
d05f3f1c49d3e6bdb4b73972fb335fe7682b491ab1d3ca31030f8b38d7514008
d4ace00bc3d94626ea0e9629ce3a0a401bdd23a1eaf1654c100cf4a7bbd47a40
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
dd075ce8eb48032630ecb10e2c78b95803ff8f2b63b83841f14115180001cfeb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2b46e852a38112961d10bfdd15393abaeef3e13f57ac30c627365eea42156c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ed8ed07619b312d41708e7aa95d3b3ba201cc9e42fb93c5bdeb029cdfa362da1
ef4d60e25621d4182b242e0ac41f0a06d4f426c6a2f51cb54c5b19295f61eefc
ef6b730887f786f8ddcc05814d30d04c8f7f1606975be3f408e497963986efd1
f3ef23306f9d14149279ab694ab30e2e44535964860a4d1cc373022a60f31fda
f493ff022632693bee90a65e3a25588b92d97f4bf763c06fe14bc36ea4940e4f
f75dfffc8811d68a50aa3d739fb37f00646a3193db5a249416df7ed0dec3f1d4
fed7c9a9ddadb8412db54edda9350894ec8df7a78ab7ea366d3ab9492a18b4ee

www.nationalobserver.com Open in urlscan Pro 2606:4700:10::6816:4d72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

77 Requests

99 %HTTPS

92 %IPv6

11 Domains

18 Subdomains

14 IPs

4 Countries

3512 kBTransfer

5149 kBSize

9 Cookies

15 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nationalobserver.com Open in urlscan Pro
2606:4700:10::6816:4d72 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

99 %
HTTPS

92 %
IPv6

11
Domains

18
Subdomains

14
IPs

4
Countries

3512 kB
Transfer

5149 kB
Size

9
Cookies

77 HTTP transactions
0 data transactions