observer.com Open in urlscan Pro
192.0.66.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://observer.com/
Effective URL:
https://observer.com/
Submission: On April 25 via api (April 25th 2024, 6:31:13 pm UTC) from US — Scanned from DE

Summary HTTP 145 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 55 IPs in 6 countries across 38 domains to perform 145 HTTP transactions. The main IP is 192.0.66.160, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is observer.com. The Cisco Umbrella rank of the primary domain is 264602.
TLS certificate: Issued by R3 on April 11th 2024. Valid for: 3 months.

This is the only time observer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	192.0.66.160 192.0.66.160	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	52.84.174.23 52.84.174.23	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.112.84 18.66.112.84	16509 (AMAZON-02) (AMAZON-02)
1	3.161.77.50 3.161.77.50	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:7416::1	15169 (GOOGLE) (GOOGLE)
1	172.67.155.215 172.67.155.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.176.126 104.18.176.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	13.249.9.46 13.249.9.46	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:245... 2600:9000:2450:b600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	104.16.144.111 104.16.144.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	34.149.178.20 34.149.178.20	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.21.67.129 52.21.67.129	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:239... 2600:9000:2394:da00:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
1	18.245.31.123 18.245.31.123	16509 (AMAZON-02) (AMAZON-02)
1	18.66.143.149 18.66.143.149	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
2	23.20.111.240 23.20.111.240	14618 (AMAZON-AES) (AMAZON-AES)
1	18.245.86.118 18.245.86.118	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20a... 2600:9000:20ab:600:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	3.5.11.188 3.5.11.188	14618 (AMAZON-AES) (AMAZON-AES)
1	3.239.232.63 3.239.232.63	14618 (AMAZON-AES) (AMAZON-AES)
1	104.103.207.236 104.103.207.236	16625 (AKAMAI-AS) (AKAMAI-AS)
3	34.216.236.248 34.216.236.248	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:62d6:bce2:3622:ab07	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
3	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:25a... 2600:9000:25a2:3000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.170.58.114 54.170.58.114	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7611	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.241.9.51 35.241.9.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
7	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
145	55

49 192.0.66.160 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

observer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.174.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-23.cdg50.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-84.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.77.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-77-50.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

truculentrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.155.215 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.176.126 (None, )

ASN13335 (CLOUDFLARENET, US)

sandbox.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.249.9.46 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-46.cdg53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2450:b600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.144.111 (None, )

ASN13335 (CLOUDFLARENET, US)

c2-sandbox.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.178.20 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 20.178.149.34.bc.googleusercontent.com

truculentrate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.67.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-67-129.compute-1.amazonaws.com

overlay-track.sailthru.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2394:da00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-123.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.143.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-143-149.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.20.111.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-111-240.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-118.fra60.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:600:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.11.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.239.232.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-63.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.103.207.236 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-207-236.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.216.236.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-236-248.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:62d6:bce2:3622:ab07 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25a2:3000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.58.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-58-114.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com

3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	observer.com observer.com — Cisco Umbrella Rank: 264602	396 KB
8	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 3233 api.permutive.com — Cisco Umbrella Rank: 2500	88 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2941 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660	125 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 306	114 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	69 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 303 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 641 aax.amazon-adsystem.com — Cisco Umbrella Rank: 411	81 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207	171 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	402 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 183	5 KB
3	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1137	3 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	75 KB
3	tinypass.com sandbox.tinypass.com — Cisco Umbrella Rank: 414026	120 KB
3	truculentrate.com truculentrate.com — Cisco Umbrella Rank: 146389	25 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 737 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9171 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5784	1 KB
2	gumgum.com js.gumgum.com — Cisco Umbrella Rank: 4965 g2.gumgum.com — Cisco Umbrella Rank: 1392	43 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 3690	128 B
2	cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	26 KB
2	sailthru.cloud overlay-track.sailthru.cloud — Cisco Umbrella Rank: 35075	422 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	399 B
2	google.de www.google.de — Cisco Umbrella Rank: 7278	126 B
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3466	2 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2879 pixel.wp.com — Cisco Umbrella Rank: 2841	3 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3229 p1.parsely.com — Cisco Umbrella Rank: 2417	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	192 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 7908	138 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	7 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 535	306 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 252	698 B
1	prmutv.co 3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co — Cisco Umbrella Rank: 466433	383 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1376	643 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1363	9 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3819	182 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 977	27 KB
1	piano.io c2-sandbox.piano.io — Cisco Umbrella Rank: 481762	1 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 586	482 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 8805	3 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3600	34 KB
145	38

	Domain	Requested by
49	observer.com	observer.com
7	api.permutive.com	cdn.permutive.com
6	cdn.cookielaw.org	observer.com cdn.cookielaw.org
6	www.google-analytics.com	observer.com www.google-analytics.com www.googletagmanager.com
4	sb.scorecardresearch.com	1 redirects observer.com
3	jadserve.postrelease.com	s.ntv.io
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
3	www.google.com	observer.com www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com observer.com
3	connect.facebook.net	observer.com connect.facebook.net
3	sandbox.tinypass.com	observer.com sandbox.tinypass.com
3	truculentrate.com	observer.com truculentrate.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net
2	overlay-track.sailthru.cloud	ak.sail-horizon.com
2	www.facebook.com	observer.com
2	www.google.de	observer.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	www.googletagmanager.com	observer.com
2	htlbid.com	observer.com htlbid.com
2	fonts.googleapis.com	observer.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	ib.adnxs.com	cdn.permutive.com
1	3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co	cdn.permutive.com
1	cdn.permutive.com	observer.com
1	g2.gumgum.com	js.gumgum.com
1	rules.quantcount.com	secure.quantserve.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	s.ntv.io	observer.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	ams-pageview-public.s3.amazonaws.com
1	d15kdpgjg3unno.cloudfront.net	htlbid.com
1	cdn.id5-sync.com	observer.com
1	js.gumgum.com	observer.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	dyv1bugovvq1g.cloudfront.net	htlbid.com
1	www.gstatic.com	www.google.com
1	c2-sandbox.piano.io	sandbox.tinypass.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.adsafeprotected.com	observer.com
1	pixel.wp.com	observer.com
1	p1.parsely.com	observer.com
1	www.npttech.com	observer.com
1	stats.wp.com	observer.com
1	cdn.parsely.com	observer.com
1	ak.sail-horizon.com	observer.com
145	51

This site contains links to these domains. Also see Links.

Domain
www.observer.com
artobserved.observer.com
observermedia.com
www.facebook.com
twitter.com
www.linkedin.com
instagram.com
www.observermedia.com
privacyportal.onetrust.com
wpvip.com
onetrust.com

Subject Issuer	Validity	Valid
observer.com R3	`2024-04-11` - `2024-07-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
truculentrate.com R3	`2024-04-05` - `2024-07-04`	3 months	crt.sh
npttech.com GTS CA 1P5	`2024-04-24` - `2024-07-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-03` - `2024-05-03`	3 months	crt.sh
api.sail-personalize.com Amazon RSA 2048 M02	`2024-03-25` - `2025-04-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2024-02-25` - `2024-12-31`	10 months	crt.sh
*.sailthru.cloud Amazon RSA 2048 M03	`2024-02-11` - `2025-03-11`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2023-11-27` - `2024-12-25`	a year	crt.sh
*.gumgum.com Amazon RSA 2048 M02	`2023-08-13` - `2024-09-09`	a year	crt.sh
id5-sync.com E1	`2024-04-06` - `2024-07-05`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2024-01-18` - `2024-12-28`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2023-08-28` - `2024-08-28`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
quantserve.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
*.prmutv.co R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
api.permutive.com R3	`2024-04-14` - `2024-07-13`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://observer.com/
Frame ID: 22C8A2B2F73BE0131FD1E51E07D699BC
Requests: 144 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo&co=aHR0cHM6Ly9vYnNlcnZlci5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=f97lhjglbgiy
Frame ID: D5C72D7CDCA6736DC9A44B93F7E5B444
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

News, data and insight about the powerful forces that shape the world. | Observer

Page URL History Show full URLs

http://observer.com/ HTTP 307
https://observer.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

145
Requests

98 %
HTTPS

39 %
IPv6

38
Domains

51
Subdomains

55
IPs

6
Countries

2425 kB
Transfer

7942 kB
Size

32
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.observer.com/music
Title: Music

Search URL Search Domain Scan URL

URL: https://www.observer.com/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://artobserved.observer.com/home
Title: Events

Search URL Search Domain Scan URL

URL: http://observermedia.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://observermedia.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.facebook.com/observer

Search URL Search Domain Scan URL

URL: https://twitter.com/observer

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/observer-media

Search URL Search Domain Scan URL

URL: https://instagram.com/observer

Search URL Search Domain Scan URL

URL: https://www.observermedia.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://observermedia.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/8bf444f2-ddd6-41ff-8e24-b69ac0176e05/19c22396-023a-465c-a9c0-d9f831d1d9cd
Title: Do not sell my data

Search URL Search Domain Scan URL

URL: https://wpvip.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=observer.com
Title: WordPress VIP

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://observer.com/ HTTP 307
https://observer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://sb.scorecardresearch.com/cs/37161820/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

145 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
observer.com/
Redirect Chain

http://observer.com/
https://observer.com/

298 KB
40 KB

31ms
6ms

Document
text/html

192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

092ba44b604265b3a250eb85cbc4ae21492592b8cd7fa29b50a727bd6a16b9f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=300, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Apr 2024 18:31:07 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://observer.com/wp-json/>; rel="https://api.w.org/" <https://observer.com/wp-json/wp/v2/pages/1329211>; rel="alternate"; type="application/json" <http://nyob.co/N5PKir>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains;preload
vary: Accept-Encoding
x-cache: HIT
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn2 111 253 443

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://observer.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 43ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@400;500;600;700&family=Source+Serif+Pro&display=swap

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d5e418b5750653e02058cfa67d6b8f6311359cb276229f2d7307ffa05b3f840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 18:31:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Apr 2024 18:31:07 GMT

GET
H2 200 flexslider-icon.woff2
observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/ 748 B
1 KB 9ms
8ms Font
application/font-woff2 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/flexslider-icon.woff2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6eb7a18174bf6a3ba003999e45eecbb81059c52b2c7b2da91b85e944e948c6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Origin: https://observer.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 111 253 443
last-modified: Thu, 08 Dec 2022 11:26:07 GMT
server: nginx
etag: "6391c9cf-2ec"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 748

GET
H2 200 jquery.min.js Show response
observer.com/wp-includes/js/jquery/ 86 KB
31 KB 9ms
9ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 09 Apr 2024 21:24:52 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"6615b224-15601"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 main.min.css
observer.com/wp-content/themes/newyorkobserver-2014/dist/css/ 75 KB
14 KB 8ms
8ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.11

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

08137d731439f76c8cd0193d46327d52c4502db4021386720da4be5137edcb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 24 Apr 2024 15:29:56 GMT
server: nginx
x-rq: hhn2 111 254 443
etag: W/"66292574-12dc3"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 style.css
observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/css/ 48 KB
8 KB 10ms
10ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/nyo-plugins/dist/css/style.css?ver=1.9.11-1713985898

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bc1718bf9b04dc8fcdf7c1ef4ed00516bbce6de5f8ee489669fc83e9d7c726ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 24 Apr 2024 19:11:38 GMT
server: nginx
x-rq: hhn2 111 254 443
etag: W/"6629596a-c061"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 amp-google-tag-manager-public.js Show response
observer.com/wp-content/plugins/amp-google-tag-manager/public/js/ 838 B
698 B 7ms
7ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/amp-google-tag-manager/public/js/amp-google-tag-manager-public.js?ver=1.0.0

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 11:26:06 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"6391c9ce-346"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 widget.subscribe.js Show response
observer.com/wp-content/plugins/sailthru-widget/js/ 2 KB
967 B 13ms
7ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/sailthru-widget/js/widget.subscribe.js?ver=6.5.2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7e6db8dfe79e6581a5accc07438706f2ff043bc6f9cb4f61f549a4f5d0ee4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 29 Aug 2023 13:59:22 GMT
server: nginx
x-rq: hhn2 111 253 443
etag: W/"64edf9ba-622"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 htlbid.js Show response
htlbid.com/v3/observer.com/ 426 B
825 B 96ms
30ms Script
application/javascript 52.84.174.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-23.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7becc09d43b550e2a43e20e0037f1283c9830a62c7d0e5cab6ee9ee50998ec0b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
via: 1.1 f71686f416809921055425c79026dd70.cloudfront.net (CloudFront)
last-modified: Tue, 09 Apr 2024 17:30:05 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P1
age: 128
x-amz-server-side-encryption: AES256
etag: "16a3d07dce6bfc32fddd354814b5b34d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 426
x-amz-cf-id: D8Zn10vOKV_ZBItnzjD-9rxt2q8xuKh3m1rUaCvi2w1mGs6rtlKt9w==

GET
H2 200 default.min.css
observer.com/wp-content/themes/newyorkobserver-2014/dist/css/ 66 KB
11 KB 19ms
16ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/default.min.css?ver=1.9.11

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2cbc6c13af45bc311311531d579cd7e529376564ba3eef9af1f50e02f0998db0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 24 Apr 2024 15:29:56 GMT
server: nginx
x-rq: hhn2 111 254 443
etag: W/"66292574-1097b"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 print.min.css
observer.com/wp-content/themes/newyorkobserver-2014/dist/css/ 143 B
377 B 19ms
16ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/print.min.css?ver=1.9.11

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c0eb09d747f4cb0d61057afe50609d7419873b0bdbc56f6965f3098a1cf6d975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 111 253 443
last-modified: Wed, 24 Apr 2024 15:29:56 GMT
server: nginx
etag: "66292574-8f"
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 143

GET
H2 200 style.min.css
observer.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 19ms
16ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 09 Apr 2024 22:12:18 GMT
server: nginx
x-rq: hhn2 111 254 443
etag: W/"6615bd42-1bae5"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 mediaelementplayer-legacy.min.css
observer.com/wp-includes/js/mediaelement/ 11 KB
3 KB 19ms
16ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 09 Apr 2024 21:24:52 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"6615b224-2bf8"
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 wp-mediaelement.min.css
observer.com/wp-includes/js/mediaelement/ 4 KB
1 KB 19ms
16ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 09 Apr 2024 22:12:19 GMT
server: nginx
x-rq: hhn2 111 253 443
etag: W/"6615bd43-105a"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 media-credit.min.css
observer.com/wp-content/plugins/media-credit/public/css/ 589 B
518 B 19ms
17ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/media-credit/public/css/media-credit.min.css?ver=4.3.0

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a7b23f357530667a4d5d574a7b9141f0858db9f3dc49ad1e676bd850b8093c22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 11:26:06 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"6391c9ce-24d"
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 lasso-live.css
observer.com/wp-content/plugins/lasso/admin/assets/css/ 26 KB
4 KB 26ms
24ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/lasso/admin/assets/css/lasso-live.css?v=1670537250&ver=253

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

36e24dc06e51fdd9b13497039bf3c286b61476669c715a274b9a6703b4000a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 22:07:30 GMT
server: nginx
x-rq: hhn2 111 254 443
etag: W/"63926022-698a"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 amp-google-tag-manager-public.css
observer.com/wp-content/plugins/amp-google-tag-manager/public/css/ 98 B
330 B 19ms
17ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/amp-google-tag-manager/public/css/amp-google-tag-manager-public.css?ver=1.0.0

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 96 184 443
last-modified: Thu, 08 Dec 2022 11:26:06 GMT
server: nginx
etag: "6391c9ce-62"
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 98

GET
H2 200 widget.subscribe.css
observer.com/wp-content/plugins/sailthru-widget/css/ 2 KB
990 B 19ms
17ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/sailthru-widget/css/widget.subscribe.css?ver=6.5.2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 29 Aug 2023 13:59:22 GMT
server: nginx
x-rq: hhn2 111 254 443
etag: W/"64edf9ba-9a1"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 jetpack.css
observer.com/wp-content/mu-plugins/jetpack-13.3/css/ 105 KB
20 KB 19ms
17ms Stylesheet
text/css 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/mu-plugins/jetpack-13.3/css/jetpack.css?ver=13.3.1

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ec23484fae47980001eed8805ef2fa389d25d6b9db0a5aaeb41ecb76c411905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 17 Apr 2024 16:06:57 GMT
server: nginx
x-rq: hhn2 111 253 443
etag: W/"661ff3a1-1a512"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 300 KB
100 KB 76ms
42ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f1af9bac81d90cae055dc049058b0038311d9a828cd2685d11b8cd2fa400bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Apr 2024 18:31:07 GMT

GET
H2 200 Cabaret-1.jpeg
observer.com/wp-content/uploads/sites/2/2024/04/ 13 KB
13 KB 9ms
6ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/Cabaret-1.jpeg?quality=80&w=635

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5dcc91d8afece472ec1fa7b0c35200cd3f4b253678726472dff6a60fee20b6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 27 443
last-modified: Wed, 24 Apr 2024 20:19:18 GMT
server: nginx
etag: "7ec042352a34d903"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 13222

GET
H2 200 Four-Seasons-2.jpeg
observer.com/wp-content/uploads/sites/2/2024/04/ 9 KB
9 KB 9ms
7ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/Four-Seasons-2.jpeg?quality=80&w=300

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

14b27b959663f40325736814b0a55096dbcf0d1cbd2dea1e862d9ce8240376cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 195 443
last-modified: Wed, 24 Apr 2024 16:56:27 GMT
server: nginx
etag: "31f4b2bbdafc3739"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 9252

GET
H2 200 Jorge_Perez.jpg
observer.com/wp-content/uploads/sites/2/2024/04/ 15 KB
15 KB 6ms
6ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/Jorge_Perez.jpg?quality=80&w=300

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

752d88609fbe6d78c2ff1add6b15af083d4749d3d7a1123a14b16680a1d46737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 198 443
last-modified: Sat, 20 Apr 2024 07:55:24 GMT
server: nginx
etag: "86f140a14f4179ec"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 15390

GET
H2 200 frontend.js Show response
observer.com/wp-content/plugins/observer-block-editor/dist//js/ 945 B
614 B 13ms
8ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/observer-block-editor/dist//js/frontend.js?ver=519d7f1aff151fb1ff7d

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6374c9a2081446ee989dd64ecb74c2286bdef1e60d1e087472718421b8ef2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 24 Apr 2024 15:29:55 GMT
server: nginx
x-rq: hhn2 111 253 443
etag: W/"66292573-3b1"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 103 KB
34 KB 55ms
7ms Script
application/javascript 18.66.112.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-84.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:25:25 GMT
content-encoding: gzip
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 06:45:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 343
x-amz-server-side-encryption: AES256
etag: W/"6a90e37d3f128291a2aab5a6b31ac0a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: vawd39oKkXuxgihPXfQkqvaEcaElHj4noCV4RbFzZKYAUYL1ZvkPbQ==

GET
H2 200 sailthru.js Show response
observer.com/wp-content/plugins/hc-sailthru/assets/js/ 761 B
651 B 12ms
7ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/hc-sailthru/assets/js/sailthru.js?ver=20211026

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b6cf23ed282a5cb25c43c5923908a43cc8c4c9e92b23a1f73eb7b0af46ef6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 11:26:06 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"6391c9ce-2f9"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 wp-polyfill-inert.min.js Show response
observer.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 12ms
7ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 09 Apr 2024 21:24:52 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"6615b224-1feb"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 regenerator-runtime.min.js Show response
observer.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 14ms
9ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 09 Apr 2024 21:24:52 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"6615b224-19e1"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 hooks.min.js Show response
observer.com/wp-includes/js/dist/ 4 KB
2 KB 14ms
10ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 09 Apr 2024 22:12:19 GMT
server: nginx
x-rq: hhn2 111 254 443
etag: W/"6615bd43-10d3"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 i18n.min.js Show response
observer.com/wp-includes/js/dist/ 9 KB
4 KB 15ms
10ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Tue, 09 Apr 2024 22:12:19 GMT
server: nginx
x-rq: hhn2 111 253 443
etag: W/"6615bd43-23b5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 loader.js Show response
observer.com/wp-content/mu-plugins/wp-parsely-3.14/build/ 3 KB
2 KB 15ms
10ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/mu-plugins/wp-parsely-3.14/build/loader.js?ver=71d37502d12f3838b80d

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1889f65ec8711c38d9f5789d2fcd4d2f13fa1d1e4b8b3bc4d4a7193c0fae5f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Mon, 08 Apr 2024 20:21:34 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"661451ce-bf9"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 p.js Show response
cdn.parsely.com/keys/observer.com/ 56 KB
21 KB 42ms
7ms Script
application/javascript 3.161.77.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/observer.com/p.js?ver=3.14.3
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.77.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-77-50.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c46b033d7688f2f46e87a04634a1389db91ceea1be9cb70d1ae9205819739a7e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 25 Apr 2024 00:39:47 GMT
content-encoding: gzip
via: 1.1 bb6970675ac5572387ab59ecc9abd23e.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 17:02:52 GMT
server: nginx
x-amz-cf-pop: FRA56-P10
age: 64280
etag: W/"623ca43c-e05a"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: ghfZyUlv75zKZncL4k_xO0UEG3eex9lO3JtvJr2JrkvPGjH_guRPoQ==
expires: Fri, 26 Apr 2024 00:39:47 GMT

GET
H2 200 helpers.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 924 B
752 B 15ms
10ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/helpers.js?ver=1.9.11

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

74cd24ddc81aa3ee59910410a00b9fb31dfba22b8f185de0a8a9f46103b97f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 24 Apr 2024 15:29:56 GMT
server: nginx
x-rq: hhn2 111 253 443
etag: W/"66292574-39c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 jquery.flexslider.min.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/vendor/ 21 KB
7 KB 15ms
10ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/vendor/jquery.flexslider.min.js?ver=2.2.2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 11:26:07 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"6391c9cf-5429"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 theme.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 7 KB
3 KB 19ms
15ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/theme.js?ver=1.9.11.04282045

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3a7ab362bfd8cc11527812e52f934f1676932bd373d931d87d91cd78a6ea6f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 24 Apr 2024 15:29:56 GMT
server: nginx
x-rq: hhn2 111 253 443
etag: W/"66292574-1c67"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 sailthru-widget.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 1 KB
796 B 19ms
15ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/sailthru-widget.js?ver=1.9.11

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e403519d23bf3823766a2e4e2615efe5e7b0924d354e37898f5317905bb7521e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 24 Apr 2024 15:29:56 GMT
server: nginx
x-rq: hhn2 111 254 443
etag: W/"66292574-435"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 delay-load.js Show response
observer.com/wp-content/plugins/xcurrent/assets/js/ 3 KB
1 KB 19ms
15ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/xcurrent/assets/js/delay-load.js?ver=8f7693010179fc5007dacef632d329a6

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ef5f8d6a9ea52bd9b20497b837b74bde31586062d5b0e16be75f8bbdffc29840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 11:26:06 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"6391c9ce-b50"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 lazy-load.js Show response
observer.com/wp-content/plugins/xcurrent/assets/js/ 8 KB
4 KB 19ms
15ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/xcurrent/assets/js/lazy-load.js?ver=6bd186b35f60946321703040eae7bccf

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6c05e433ca10b433edfc856fd903cb5f2da848a54e4507642a48981deed8bb05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 11:26:06 GMT
server: nginx
x-rq: hhn2 96 184 443
etag: W/"6391c9ce-214a"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 e-202417.js Show response
stats.wp.com/ 7 KB
3 KB 38ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202417.js
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356565.5398
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Apr 2025 13:52:42 GMT

GET
H2 200 script-queue.js Show response
observer.com/wp-content/plugins/xcurrent/assets/js/ 3 KB
2 KB 19ms
16ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a384a78bc8bee6afceab3ff107315b1bdcc0fd2622246826d16b503e742a8cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 11:26:06 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"6391c9ce-dd9"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 17:41:00 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3007
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 25 Apr 2024 19:41:00 GMT

GET
H2 200 22bdf0221b6555de6cdadcba Show response
truculentrate.com/scripts/3f92345fab9c/ 68 KB
25 KB 63ms
20ms Script
text/javascript 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://truculentrate.com/scripts/3f92345fab9c/22bdf0221b6555de6cdadcba

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

0e5d8531aedae1051fb0901d9912ad820054c1405cec3b23c523a90a32538054

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: zstd
via: 1.1 google
date: Thu, 25 Apr 2024 18:31:07 GMT
x-datacenter: gce-europe-west1
etag: "e2ab72fac2e46b9ea5f6d6f34a382123397f23a8ea114758d41eb3b93017cfdc"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-nj4h
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1205290244
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 50ms
19ms Script
application/javascript 172.67.155.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QDFSB6FRD3Z20Z0Y
age: 1791
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eXXrKPA63xEBNCCd8SfGHPEjD+zigmR+Z29th5SLpuKq8PXBJ5z56aS+8FuqC3H28bAlS9U5QqQ=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oV%2FtiaPkYUprG2KFkCZmrOg4N0zs6Vwmr8gl2OEJZ1C4UJueGVDse5cf3DofvELbjblylDdk9rzCN3xuZ1FFfoFM9CQ98TD9f0ChdoHWnwZCQGrALK84gDXX1Le5ES7svMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 87a0687dda26195c-FRA

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 load Show response
sandbox.tinypass.com/xbuilder/experience/ 4 KB
1 KB 64ms
35ms Script
application/javascript 104.18.176.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/xbuilder/experience/load?aid=CMrLcDjZsu

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d55f7c21f317b20841033125e19ef280ff06aba9c8cb5ee2d6065220d8e5a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma
date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Apr 2024 17:58:33 GMT
server: cloudflare
age: 1954
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 87a0687dd84a2bb4-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 8nbyx6v41d
expires: Thu, 25 Apr 2024 19:01:07 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/37161820/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

17ms
17ms

Script
application/javascript

13.249.9.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Server: 13.249.9.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-46.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://observer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Apr 2024 17:03:14 GMT
content-encoding: gzip
via: 1.1 35edfe00d0c28f55b85d2366a87b40f8.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: CDG53-C1
age: 32690
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: T2aHesvF5eFF3NSNvKCx4Ealnh6KLIZoc8pZuhWXJCHLg5pyli8QDQ==

Redirect headers

date: Thu, 25 Apr 2024 18:31:07 GMT
via: 1.1 35edfe00d0c28f55b85d2366a87b40f8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CDG53-C1
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: wrJWlapF3ggtYElU1UIo2g1gsE0MA7OZnF4e1kmK_q83rfrCgKCrfg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Apr 2024 18:31:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: V/ZMhnE/sIuHqduoWEgkcZ13WW1pHN7PAd8fHQJwOh+1JLUP7coLGsZR8vJ2+Y3JXIZS5gXsFdNDPSWE1FCagg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 search-ffffff.svg
observer.com/wp-content/themes/newyorkobserver-2014/images/ 2 KB
1 KB 16ms
16ms Image
image/svg+xml 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/images/search-ffffff.svg

Requested by

Host: observer.com
URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d17298826b7b7ed19af4942adf03fbcea7a7cd9cd5f25a5b9fb0674c71828c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.11
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Thu, 08 Dec 2022 11:26:07 GMT
server: nginx
x-rq: hhn2 96 185 443
etag: W/"6391c9cf-960"
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 observer-logo-white-2015.png
observer.com/wp-content/themes/newyorkobserver-2014/images/ 3 KB
3 KB 16ms
16ms Image
image/png 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/images/observer-logo-white-2015.png

Requested by

Host: observer.com
URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

74e72473f970d838c52ed8c8fadf1c25883dd561d66df3856bfc137b9da2fea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/css/main.min.css?ver=1.9.11
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 111 253 443
last-modified: Thu, 08 Dec 2022 11:26:07 GMT
server: nginx
etag: "6391c9cf-b7d"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2941

GET
DATA 200
OK truncated
/ 388 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e6f27c1cafd285e55e9a7507489d02e2780f88d3cf5838b0965dbfed021c9f4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 source-serif-pro-v11-latin-regular.woff2
observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/ 19 KB
20 KB 7ms
7ms Font
application/font-woff2 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/source-serif-pro-v11-latin-regular.woff2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

97816b3ca3d676b5241a16fd6fb3f3e4050a3b99c914f0a66f0bcc074617ba80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Origin: https://observer.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 111 254 443
last-modified: Thu, 08 Dec 2022 11:26:07 GMT
server: nginx
etag: "6391c9cf-4df4"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19956

GET
H2 200 source-serif-pro-v11-latin-600.woff2
observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/ 20 KB
21 KB 7ms
7ms Font
application/font-woff2 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/fonts/source-serif-pro-v11-latin-600.woff2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

94192424866461cfb1b0e1684654325dd00e5581cbb395d507d613bbb22fdbf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Origin: https://observer.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 111 254 443
last-modified: Thu, 08 Dec 2022 11:26:07 GMT
server: nginx
etag: "6391c9cf-51d4"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20948

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 317ms
98ms Preflight
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://observer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://observer.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Thu, 25 Apr 2024 18:31:07 GMT

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 10 KB
2 KB 103ms
102ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: b124286a54721ec239d0e986d2e12d75b5ada2d7b3afed181d7f129896c680ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-lib-version: v1.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer eddd21a32bf5284abd9bc8ac7ddeec34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://observer.com/
x-referring-url: https://observer.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
expires: -1

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 146ms
33ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1714069867277&plid=45526102&idsite=observer.com&url=https%3A%2F%2Fobserver.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fobserver.com%2F&sref=&sts=1714069867275&slts=0&title=News%2C+data+and+insight+about+the+powerful+forces+that+shape+the+world.+%7C+Observer&date=Thu+Apr+25+2024+20%3A31%3A07+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&action=pageview&pvid=92985250&u=pid%3D294ce0229b62d88d62495c0af1244361
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 25 Apr 2024 18:31:07 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 25-Apr-2024 18:31:07 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 23ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=168679389&post=1329211&tz=-4&srv=observer.com&hp=vip&j=1%3A13.3.1&host=observer.com&ref=&fcp=0&rand=0.3693072946940361
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 25 Apr 2024 18:31:07 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/ 28 KB
28 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@400;500;600;700&family=Source+Serif+Pro&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://observer.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 11:44:26 GMT
x-content-type-options: nosniff
age: 110801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28224
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 11:44:26 GMT

GET
H3 200 tinypass.min.js Show response
sandbox.tinypass.com/api/ 399 KB
118 KB 45ms
45ms Script
application/javascript 104.18.176.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/api/tinypass.min.js

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/xbuilder/experience/load?aid=CMrLcDjZsu

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada854a2ed3e67a9aec6ef16309a559a0a80f1211e867c3d2f69f8740ebd0583

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
x-amz-version-id: wOjmohSPzQAgUNCUZbKXwv.GIvbyptnp
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: F9TMX7W4QPN38HS5
age: 12851
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: BiL37SspIldHKFO37d9RojRNMef7MToFPMvPptAh/29nB/T8TQMyfmMmqhyus/ABaf0vhWh/P2sXxPQ7gHeL5g==
last-modified: Mon, 22 Apr 2024 07:28:16 GMT
server: cloudflare
etag: W/"d193f2d2734ca810b12fe540ea0a7d4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 87a0687ea9632bb4-FRA
expires: Thu, 25 Apr 2024 22:31:07 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 123 KB
48 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NXSTMDF&cid=72813716.1714069867

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1c3df7003442cd90241468aba4bd1c592bb932eec8e50164470b43f21901b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48385
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Apr 2024 18:31:07 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
882 B 37ms
21ms Script
text/javascript 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo

Requested by

Host: observer.com
URL: https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/theme.js?ver=1.9.11.04282045

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

da647cc58cb47f8297cdc2adae55deefd11954516476e8717671c4910f96d201

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 25 Apr 2024 18:31:07 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 58ms
16ms Image
image/gif 2600:9000:2450:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_7764548
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 17:45:37 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 36376b65972305e899227563992d580e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 2731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Hi4JbhwheVJgzkSovm6Zgz-MytkT60B2xRNSzLDcPYIoNFWOn_MBFw==

GET
H2 200 htlbid.js Show response
htlbid.com/build/a4dc3601-aa39-440a-98ea-c2dd444c1e0b/ 576 KB
137 KB 429ms
429ms Script
application/javascript 52.84.174.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/build/a4dc3601-aa39-440a-98ea-c2dd444c1e0b/htlbid.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/observer.com/htlbid.js?ver=3.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-23.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1fb21122f0c73e6ee3447d1b28ae8d7abf2d77c8626e4ce0ebf7bb52d1facf5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
content-encoding: br
via: 1.1 f71686f416809921055425c79026dd70.cloudfront.net (CloudFront)
last-modified: Wed, 03 Apr 2024 16:33:31 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P1
x-amz-server-side-encryption: AES256
etag: W/"0fb54749139e1c9a2081766145a0f668"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: kf_tMlCbW9vNlLSQYDBEPfDANtxRMnQt2lK_99p2XiW2S1nTkgRASQ==

GET
H2 200 618909876214345 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 174ms
174ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/618909876214345?v=2.9.154&r=stable&domain=observer.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af45f246a7204aeafd97d5b7d2952bb4da61778eacf0f7cbfe286ad8874a7c61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Apr 2024 18:31:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1294, tbw=63219, tp=-1, tpl=-1, uplat=167, ullat=0
pragma: public
x-fb-debug: h9zwjst1wFeKyOmQ2LTFVAag+IdrbHRHnMEWToTsRaMb8UTYwpRKUW1vFG/ZdxmHXSbV2Ni1e+oUqbnw1xCZyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 40ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-T9PLB60R8S&gtm=45je44o0v878262212za200&_p=1714069867140&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=72813716.1714069867&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714069867&sct=1&seg=0&dl=https%3A%2F%2Fobserver.com%2F&dt=News%2C%20data%20and%20insight%20about%20the%20powerful%20forces%20that%20shape%20the%20world.%20%7C%20Observer&en=page_view&_fv=1&_ss=1&_ee=1&tfd=287
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 59ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T9PLB60R8S&cid=72813716.1714069867&gtm=45je44o0v878262212za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T9PLB60R8S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 69ms
53ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T9PLB60R8S&cid=72813716.1714069867&gtm=45je44o0v878262212za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=702030878

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 28ms
28ms Image
text/plain 13.249.9.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=37161820&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1714069867362&ns_c=UTF-8&c7=https%3A%2F%2Fobserver.com%2F&c8=News%2C%20data%20and%20insight%20about%20the%20powerful%20forces%20that%20shape%20the%20world.%20%7C%20Observer&c9=
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-46.cdg53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
via: 1.1 35edfe00d0c28f55b85d2366a87b40f8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CDG53-C1
x-amz-cf-id: 4ld7GeEeedwDDDsXq0O7vGxBGYk1J9xF747J0vBogi-FQFHFWDDYyg==
x-cache: Miss from cloudfront

POST
H3 200 execute Show response
c2-sandbox.piano.io/xbuilder/experience/ 2 KB
1 KB 146ms
123ms XHR
application/json 104.16.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2-sandbox.piano.io/xbuilder/experience/execute?aid=CMrLcDjZsu

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.144.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

465cc2f8495abf31da70167333f686570bdffbce832932aed8c586987c34d75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://observer.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: os6uw1wp2w
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 87a0687f6bdd3674-FRA

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 506 KB
202 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Origin: https://observer.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205803
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Apr 2025 18:01:37 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame D5C7 0
0 61ms
46ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LexvRggAAAAAF1HvCWrHtG4UAa7m0WIdyIgstAo&co=aHR0cHM6Ly9vYnNlcnZlci5jb206NDQz&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=f97lhjglbgiy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4I_y7PpuXUsxD3R6e1an5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://observer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4I_y7PpuXUsxD3R6e1an5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 18:31:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 IMG_3766-e1714055809382.jpg
observer.com/wp-content/uploads/sites/2/2024/04/ 6 KB
6 KB 7ms
7ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/IMG_3766-e1714055809382.jpg?quality=80&w=300

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

883553c0f119a1d0b10f230aa90a395ccc85fadcb17e50295dc36ce1379130e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 83 443
last-modified: Thu, 25 Apr 2024 14:45:25 GMT
server: nginx
etag: "6c42466e205fb9a4"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 6342

GET
H2 200 Claude-Monet-Meules-a-Giverny.jpg
observer.com/wp-content/uploads/sites/2/2024/04/ 18 KB
18 KB 8ms
8ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/Claude-Monet-Meules-a-Giverny.jpg?resize=300,195

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ba7adb6ed12d9d3bb22cbbfb4075ac7d5ca7e96a0f69ed30403d320f3aeb3ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 196 443
last-modified: Thu, 25 Apr 2024 14:43:41 GMT
server: nginx
etag: "5995790e61ffc070"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 18504

GET
H2 200 RS80202_kimcontay0398.jpg
observer.com/wp-content/uploads/sites/2/2024/04/ 8 KB
8 KB 8ms
8ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/RS80202_kimcontay0398.jpg?resize=300,240

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

381ff64a0a5b63cf96ac734d0b8a7d113de46c751f1d13a7919a2b02964b1d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 195 443
last-modified: Wed, 24 Apr 2024 23:44:13 GMT
server: nginx
etag: "74abaeea386e5d77"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 8328

GET
H2 200 Whitechapel-Gallery-Is-This-Tomorrow_-pv_Dan-Weill-Photography-45.jpg
observer.com/wp-content/uploads/sites/2/2024/04/ 12 KB
12 KB 9ms
8ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/Whitechapel-Gallery-Is-This-Tomorrow_-pv_Dan-Weill-Photography-45.jpg?resize=300,200

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2c31c1abaa3915e26174ac591888e93e45713747dd20ffa548dff3ee533e6dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 84 443
last-modified: Wed, 24 Apr 2024 12:54:10 GMT
server: nginx
etag: "a2ad5bcd957c0bae"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 11950

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 31ms
10ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=618909876214345&ev=PageView&dl=https%3A%2F%2Fobserver.com%2F&rl=&if=false&ts=1714069867523&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714069867523.1667317607&ler=empty&cdl=API_unavailable&it=1714069867331&coo=false&rqm=GET

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1294, tbw=2764, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 25 Apr 2024 18:31:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 552bd85c4b6223ca05ec90648f1ee31f47f80 Show response
truculentrate.com/7b747834b617d2e/ 303 B
330 B 49ms
30ms Fetch
application/json 34.149.178.20
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://truculentrate.com/7b747834b617d2e/552bd85c4b6223ca05ec90648f1ee31f47f80

Requested by

Host: truculentrate.com
URL: https://truculentrate.com/scripts/3f92345fab9c/22bdf0221b6555de6cdadcba

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.178.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

20.178.149.34.bc.googleusercontent.com

Software

Resource Hash

4b6155e5f0fdadaeafe2764fde5e47ed93e4ebfc87aa25cf7abb93ca0e77cc50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 25 Apr 2024 18:31:07 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observer.com
x-hostname: fen-hoothoot-europe-west1-xmqk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 25 Apr 2024 18:31:06 GMT

GET
H2 200 Gianluca-Costantini-e1714059788606.jpg
observer.com/wp-content/uploads/sites/2/2024/04/ 6 KB
6 KB 8ms
7ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/Gianluca-Costantini-e1714059788606.jpg?quality=80&w=300

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e780157a9cf6ec568aa60261b0694c2967add35226ed1c7a465c699f1ecc2594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 83 443
last-modified: Thu, 25 Apr 2024 17:31:58 GMT
server: nginx
etag: "33b090481abb4447"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 6082

POST
H3 200 1f61cf905f5b044bd081bfaea1c9e0137de83a626a26c7 Show response
truculentrate.com/3a7a75/ 3 B
29 B 23ms
23ms Fetch
application/json 34.149.178.20
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://truculentrate.com/3a7a75/1f61cf905f5b044bd081bfaea1c9e0137de83a626a26c7

Requested by

Host: truculentrate.com
URL: https://truculentrate.com/scripts/3f92345fab9c/22bdf0221b6555de6cdadcba

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.178.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

20.178.149.34.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 25 Apr 2024 18:31:07 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observer.com
x-hostname: fen-hoothoot-europe-west1-xmqk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 25 Apr 2024 18:31:06 GMT

OPTIONS
H/1.1 200
OK view
overlay-track.sailthru.cloud/v1/overlay/ Frame 0
0 402ms
93ms Preflight
text/plain 52.21.67.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://overlay-track.sailthru.cloud/v1/overlay/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.67.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-67-129.compute-1.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version
Access-Control-Request-Method: POST
Origin: https://observer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 13
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://observer.com
access-control-max-age: 1800
allow: POST,OPTIONS
content-type: text/plain
date: Thu, 25 Apr 2024 18:31:07 GMT
server: envoy
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK view Show response
overlay-track.sailthru.cloud/v1/overlay/ 17 B
422 B 93ms
92ms Fetch
application/json 52.21.67.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://overlay-track.sailthru.cloud/v1/overlay/view
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js?ver=5.5.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.67.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-67-129.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 5f4871b277dbebec4d8490673a48154537dc6f1969140f67c333e85704b50564

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Lib-Version: v1.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eddd21a32bf5284abd9bc8ac7ddeec34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://observer.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
allowedorigins: *
server: envoy
vary: Origin
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 17

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 71ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/build/a4dc3601-aa39-440a-98ea-c2dd444c1e0b/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac612ff993ea195af47c46aef917a2d1e044f99b46ee6c51b165bf57ddcd59a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30163
x-xss-protection: 0
server: cafe
etag: 859 / 19838 / m202404220101 / config-hash: 1852115046722027093
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Apr 2024 18:31:07 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 303 KB
75 KB 35ms
7ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/build/a4dc3601-aa39-440a-98ea-c2dd444c1e0b/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e544c0243ce3eb74dadf47f4dcda9e975502dc0ce5d59dea7dcb76397e403925

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 17:43:11 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
last-modified: Wed, 24 Apr 2024 20:29:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2877
x-amz-server-side-encryption: AES256
etag: W/"6105a53f37b3579acb3324e9fac88e22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: i2KtGqVtEK-IlBr6hiZNXdxCQ7_ICwj22Zxos9Xxpd06l1fMR3_Ibg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
7ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
date: Thu, 25 Apr 2024 02:18:07 GMT
x-amz-cf-pop: FRA56-P6
age: 59065
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: DFEGY8VdvWxdUNu7c6TsW0M-B6Rc2B3a4TjT-N1n6ZgiL0tumAm1EA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404220101/ 451 KB
141 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64a6292aa44ac001a7c6026ff4e1a84752c43bb8bacecc61cf0cb1fec6d2a98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 10:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29041
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143663
x-xss-protection: 0
server: cafe
etag: 12023246194401291214
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 25 Apr 2025 10:27:06 GMT

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/79/observer.com/ 4 KB
1 KB 473ms
431ms Fetch
application/json 2600:9000:2394:da00:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/79/observer.com/.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/build/a4dc3601-aa39-440a-98ea-c2dd444c1e0b/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:da00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 131ab8c9c680e2be5a66a9261dc4dc672abd61ba2b5d09e58337023f0fdf7388

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Apr 2024 18:31:09 GMT
content-encoding: gzip
via: 1.1 01abec7ece24959c09067a58477de9ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 553
x-amz-expiration: expiry-date="Tue, 25 Jun 2024 00:00:00 GMT", rule-id="cleanup"
last-modified: Thu, 25 Apr 2024 18:30:57 GMT
server: AmazonS3
etag: "0edac20fc0cb397ae8ccb3897dc9dc3b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observer.com
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: d1_-DyxyoW1jD3aa2-MdZislcpQpCkqhv3NwwZN8dmcw3jdvfBt-ow==

GET
H2 200 30787d05-7895-471e-9cdf-d931d7b5ea5d Show response
config.aps.amazon-adsystem.com/configs/ 563 B
830 B 32ms
6ms Script
application/javascript 18.245.31.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-123.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: d960ec924eb69e567c94f9ba13ed16056553c7ae133c0c489a5805307e04e3d0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:18:23 GMT
via: 1.1 1e0f88a39289286be3e03ff93487da80.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 764
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: Q0qeIbnSrTwS8Yu_aMhTqPxkYIuSacWq4wApjQNCWdmAmdazbi3yxQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
1 KB 8ms
8ms XHR
application/json 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fobserver.com&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 5ae4511cca9105f1d4a785b54345acc66ba7a06dd9352fa9b5b280475cb05d63

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 15:50:40 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 9626
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://observer.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1029
x-amz-cf-id: zUryZ_YeCHjhCnfHEPqhWmHyIdYqaiES9Eg3EWH_9SwXIUv5_O6Z8g==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
356 B 105ms
61ms XHR
text/javascript 18.66.143.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fobserver.com%2F&pid=IO4GNbx7gc0rO&cb=0&ws=1600x1200&v=24.418.2211&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-1-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22133348250%2Fobserver_leaderboard_atf%22%7D%5D&schain=1.0%2C1%21hashtag-labs.com%2C1010%2C1%2C%2C%2C&pubid=30787d05-7895-471e-9cdf-d931d7b5ea5d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.143.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-143-149.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:07 GMT
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: z5OpbrdiVC3ZgCB5qahzGb2AMZzH7daRujwnxBFSSL7ZUvN7RtWldg==

GET
H2 200 22133348250 Show response
fundingchoicesmessages.google.com/i/ 181 KB
61 KB 54ms
32ms Script
application/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22133348250?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf50e6b50c2e03441b18e6b559f23825f66aa543d5bf7ef52d14fc19bd60785e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LB3gqxSvrJjmxgHpf39JIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-LB3gqxSvrJjmxgHpf39JIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmII0pBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZALPH1JZMWEMc8n86aAsRO6TNYQ4DYp34GaxwQt948xzodiE8uOM96EYiT_p1nLQFiIW6ON4dWbWQTWHFzEycA0TEvzQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 287ms
92ms Preflight 23.20.111.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.111.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-111-240.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://observer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 25 Apr 2024 18:31:08 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 services.js Show response
js.gumgum.com/ 118 KB
43 KB 43ms
10ms Script
application/javascript 18.245.86.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-118.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f90222580ee23e209117a7b00b615ff1bdeb4662ddd3949cb3a44198bc36ce0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: YI8u9dehPPkd1Hc36pzJ90WuOOyYh9el
content-encoding: gzip
via: 1.1 b2340053ff948864db4d5e3c0ab3f3ea.cloudfront.net (CloudFront)
date: Thu, 25 Apr 2024 17:51:40 GMT
x-amz-cf-pop: FRA60-P6
age: 2369
x-cache: Hit from cloudfront
x-amz-meta-access-control-allow-origin: *
last-modified: Mon, 22 Apr 2024 21:14:23 GMT
server: AmazonS3
x-amz-meta-timing-allow-origin: *
etag: W/"e43163b76d91873aeb54a60df09c0ed8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: j1DgRyOs5afmlm0beWEXbjvutBNwAOtpiqlApdJpbTjRKllGj8wZmg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 92 KB
27 KB 62ms
33ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5ea0b0db096a448f119be16ce2dbd9d5811db9470d79151605dd54e12bf7108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 12:18:50 GMT
server: cloudflare
x-amz-request-id: W7M8W8R23SHF1EP9
age: 3182
etag: W/"886c2a9bb057542911decd57257ef59a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 87a068831e0c1cbf-FRA
x-amz-id-2: d9WgKDG+Bv733G/eaK1m7sQPQ5FZC25nzPET2pKKz1OaNwIPSQN58c98+/AgflH4X247OWAL7DReW4y9b7vEjA==

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
128 B 91ms
91ms XHR
text/plain 23.20.111.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.111.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-111-240.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 25 Apr 2024 18:31:08 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 AGSKWxVgyR6JyhIV8iDr9AsSMjKWe42WQbVVQ5Uv1qwWBQgcXhnoad0bgKgBSdP0ymgNHqfj1dUD4L-8DG6zegu2uT8gdUx8Ajl-v2PPHK3xEz9JurhxfYVgwIVuKmpaPtkXLnQTOBTyfA== Show response
fundingchoicesmessages.google.com/f/ 402 KB
62 KB 107ms
106ms Script
application/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVgyR6JyhIV8iDr9AsSMjKWe42WQbVVQ5Uv1qwWBQgcXhnoad0bgKgBSdP0ymgNHqfj1dUD4L-8DG6zegu2uT8gdUx8Ajl-v2PPHK3xEz9JurhxfYVgwIVuKmpaPtkXLnQTOBTyfA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE0MDY5ODY4LDYxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL29ic2VydmVyLmNvbS8iLG51bGwsW1s4LCJVb0FOdk5MX0R2QSJdLFs5LCJkZSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjk4NDNdLG51bGwsMl0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UoANvNL_DvA.es5.O/am=gAE/d=1/rs=AJlcJMxAtIEYj-gt707IvSR2UBiaZ7_BWw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c25bfba09c2fb6a0cfe78ffe6df3f37db5b5a484f4ede8e0b716f6cea743b747

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-905aW3sZ3DQAshp6PHF_yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-905aW3sZ3DQAshp6PHF_yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhbo43h1ZtZBPY8XC5DwDRGCr9"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 130ms
130ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UoANvNL_DvA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy8e6J6akdkH1ndSG0vgfRXfSQTFA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7df673e538998d7c9cf0962551f429a5903f021b4f3af4e5dd050f79224d3ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Apr 2024 18:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 18:31:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Apr 2024 18:31:08 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Origin: https://observer.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 236415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 00:50:53 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Origin: https://observer.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 11:51:26 GMT
x-content-type-options: nosniff
age: 110382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 11:51:26 GMT

POST
H3 204 AGSKWxWpooZBA_EUNIqw8GsHR_U-cYcl8zrxO3mfsh2D_XSvOCdBlZWKZrLmY4hizkleZSnDpgS2BSFopO2fZ3rfdJ31dtlCqetGN55-OFsnIGuE91WBwIZBCXdB2VZCX8Vcg5LiXwk93w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 39ms
20ms XHR
text/html 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWpooZBA_EUNIqw8GsHR_U-cYcl8zrxO3mfsh2D_XSvOCdBlZWKZrLmY4hizkleZSnDpgS2BSFopO2fZ3rfdJ31dtlCqetGN55-OFsnIGuE91WBwIZBCXdB2VZCX8Vcg5LiXwk93w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BqHLQOPwI6xTA8NH2IxyzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-BqHLQOPwI6xTA8NH2IxyzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1hDgFiIh-PNoVUb2QRmrDjZyQgAx-AMRQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://observer.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trail-running-sneakers-2-skisuit-1.png
observer.com/wp-content/uploads/sites/2/2024/04/ 37 KB
38 KB 10ms
8ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/trail-running-sneakers-2-skisuit-1.png?resize=300,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e28555470d56208a9945bc269e9e16d41a28d14442608ce40da281331492fce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 28 443
last-modified: Thu, 25 Apr 2024 12:14:50 GMT
server: nginx
etag: "5d23b4d4c156ceb6"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 38228

GET
H2 200 image3.jpeg
observer.com/wp-content/uploads/sites/2/2024/04/ 11 KB
11 KB 9ms
8ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/image3.jpeg?resize=300,205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c2dcbc7a1fe3f33dcbc12f7061d22bfb2c4affa2f46210999dd39d05dc903550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 86 443
last-modified: Wed, 24 Apr 2024 15:43:30 GMT
server: nginx
etag: "a5cefcab824d09ed"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 11248

GET
H2 200 Cynthia-Rowley-Rebecca-Hessel-Cohen-Libby-Klein-BFA_44644_6291932.jpg
observer.com/wp-content/uploads/sites/2/2024/04/ 15 KB
15 KB 11ms
10ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/Cynthia-Rowley-Rebecca-Hessel-Cohen-Libby-Klein-BFA_44644_6291932.jpg?resize=300,200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e979ec51a65a695c3d1a8796dda3649fc4f8096b0c362c1459c6d9a75b9f9b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 144 443
last-modified: Tue, 23 Apr 2024 17:38:38 GMT
server: nginx
etag: "dd74dee10f8369d7"
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 15190

GET
H2 200 favicon-32x32.png
observer.com/wp-content/themes/newyorkobserver-2014/images/favicons/ 650 B
885 B 8ms
8ms Other
image/png 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/images/favicons/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21518ef157a10926512edff2d621b03c1a867affafe2f5247cfe3fb19e831edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 111 253 443
last-modified: Thu, 08 Dec 2022 11:26:07 GMT
server: nginx
etag: "6391c9cf-28a"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 650

GET
H2 200 Joe-Garcia-2.jpeg
observer.com/wp-content/uploads/sites/2/2024/04/ 11 KB
11 KB 126ms
125ms Image
image/webp 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://observer.com/wp-content/uploads/sites/2/2024/04/Joe-Garcia-2.jpeg?resize=300,200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ba2892f2fcef62f8b3b171f3a42590519552d8a823e606ae281bfabac5dc4b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:08 GMT
strict-transport-security: max-age=31536000;includeSubdomains;preload
x-rq: hhn2 109 195 443
last-modified: Thu, 25 Apr 2024 18:31:08 GMT
server: nginx
etag: "8f7e020cd81d3c4c"
x-cache: MISS
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes, bytes
content-length: 11204

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 110 KB
25 KB 54ms
14ms Script
text/javascript 2600:9000:20ab:600:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=79
Requested by: Host: htlbid.com
URL: https://htlbid.com/build/a4dc3601-aa39-440a-98ea-c2dd444c1e0b/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:600:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f53a1349c7e1b1bd2285747e1ffc2ccfd224dfdaf69e25177b9a450f64472fad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: mggrV7G7kc1FKqK6FbjFdMPekFPfBmS9
content-encoding: gzip
via: 1.1 b744839339b269ebb49818cc6c300b6a.cloudfront.net (CloudFront)
date: Thu, 25 Apr 2024 15:06:00 GMT
last-modified: Tue, 23 Apr 2024 16:05:55 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 12309
x-amz-server-side-encryption: AES256
etag: W/"16bd97cfec0b9803bef28358fd90efc5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
x-amz-cf-id: pAiyX5-ClxcynuKsvvd2gP5gcwfASqUsF6PvvFycEjgg7gYMrUhzEA==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
460 B 380ms
98ms Image
image/png 3.5.11.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1e511584efcb
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.11.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 25 Apr 2024 18:31:10 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: 87AMF04ZT98SJMNG
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: kZ8Lc36vaSW9Q0J9kiU3PiVr/QTpfT+6p20aCfLqYWTBXkgMWgxSByIVojyIAj/1J4yjJ1TWgQ//IXYRXIMInQ==

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
682 B 380ms
94ms XHR
text/xml 3.239.232.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D79%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=79
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.239.232.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-239-232-63.compute-1.amazonaws.com
Software: /
Resource Hash: 1c1655d5af19b9ba4d9bee84c8fe75ea37ffd33b80c0cc6d9aa8642077e0d06c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Thu, 25 Apr 2024 18:31:09 GMT
connection: keep-alive
x-amzn-RequestId: d2f1ed32-bc95-5be8-a66b-b3961f38c89c
Content-Length: 378
Content-Type: text/xml

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 578 KB
182 KB 168ms
50ms Script
application/x-javascript 104.103.207.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js?ver=1.0.0
Requested by: Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.103.207.236 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-207-236.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1eaa858a0906f3ff2fd5f328ddce3c4ee7e9d26402aa93d790901b8f6b5fb377

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 25 Apr 2024 18:31:09 GMT
Content-Encoding: gzip
x-amz-request-id: 571XKVPM4PHM8B1V
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: YdqaawsLPzoXdUOCYQcW+x+Z5cv/Oqt+Sg/J30en7xOErdl0ZdsNJ7tNKDFGXh/23uFWP3DWrnE=
Last-Modified: Wed, 17 Apr 2024 22:21:27 GMT
Server: AmazonS3
ETag: "1e7092b45f732f8991a5f902c4e79532"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 t Show response
jadserve.postrelease.com/ 4 KB
2 KB 542ms
180ms Script
text/javascript 34.216.236.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fobserver.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.236.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-236-248.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6785db2e9824cd6830d866138ae53bb7f4e7b674af917d5603ba7ae8e7ed4b91

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1408
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 app.js Show response
observer.com/wp-content/themes/newyorkobserver-2014/dist/js/ 5 KB
2 KB 7ms
6ms Script
application/javascript 192.0.66.160
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://observer.com/wp-content/themes/newyorkobserver-2014/dist/js/app.js?ver=1.9.11

Requested by

Host: observer.com
URL: https://observer.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=bebcad848e998ab9ae82c8431c754b8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.160 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7b56af893358318f9825834c44e15ba72af5dd08fda34a56c0bd7b6ef1d9f355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubdomains;preload
last-modified: Wed, 24 Apr 2024 15:29:56 GMT
server: nginx
x-rq: hhn2 111 254 443
etag: W/"66292574-15f6"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 291 KB
92 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

579f4cac83f34e2345da9284c385e781a3b67651fbf07ad31141b4d759cc5704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94142
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Apr 2024 18:31:09 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 74ms
10ms Script
application/javascript 2620:116:800d:21:62d6:bce2:3622:ab07
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:62d6:bce2:3622:ab07 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 02 May 2024 18:31:10 GMT

GET
H2 200 hotjar-3537567.js Show response
static.hotjar.com/c/ 9 KB
4 KB 34ms
12ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3537567.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

aa9dc3aec9b193b203f29f43be8b0fa8deb2a7e2eeff778df4103edf49d31506

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 18:31:10 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/486c13bfe784683265d83cb8b00a02f5
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: _TCmSuqQ8X9L0IT3ravfn82E9rbMp_TCLCjL-vFXTAiO99uITcCapw==

GET
H3 200 832096553515722 Show response
connect.facebook.net/signals/config/ 29 KB
5 KB 153ms
153ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/832096553515722?v=2.9.154&r=stable&domain=observer.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

4012b0cd05d90a3e3c3fdf098ac089acbfa390fd85dbf1733079178370e5ab7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Apr 2024 18:31:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4608, tp=11, tpl=0, uplat=144, ullat=1
pragma: public
x-fb-debug: HVM9E+F82OVAkhzoZUy55vXbGw5OGhDkYvcegmblUBxHGJgU09UtJQmS7mUCZa5QwXKot0c5oOSHz165AFoPfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 21ms
21ms Script
application/javascript 13.249.9.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-46.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 01:18:57 GMT
content-encoding: gzip
via: 1.1 35edfe00d0c28f55b85d2366a87b40f8.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: CDG53-C1
age: 61933
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: hG1imqz2C8-7kpEVHWq-o2hhtL8aicyxSy1ZiX7Lak4qLxFji8g9eQ==

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
722 B 11ms
11ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:21:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 25 Apr 2024 19:21:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BPNP6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 17:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3007
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 25 Apr 2024 19:41:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Ping
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1212249-1&cid=72813716.1714069867&jid=1700722921&uid=72813716.1714069867&gjid=1474629916&_gid=1668534808.1714069867&npa=1&_u=aGDAgUAjQAAAAEAEK~&z=1384603072

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 25 Apr 2024 18:31:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Ping
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://observer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.25f289cf2c430c5f1dfb.js Show response
script.hotjar.com/ 221 KB
55 KB 26ms
7ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.25f289cf2c430c5f1dfb.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3537567.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

bcce269fe4e329e6aac07bda59f9f10948f0ff09a492146306f16bfc24a99e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 13:00:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 19864
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55734
last-modified: Thu, 25 Apr 2024 12:59:19 GMT
etag: "3ff5bf469e0b33aaa48641e0415af35f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: sSNZESas_E1slDihrJe2O5PsgWQQqligiduT5fFUn5IJA4OnYGLlww==

GET
H2 200 rules-p-UtaLhd9K6h6Mf.js Show response
rules.quantcount.com/ 160 B
643 B 81ms
23ms Script
application/javascript 2600:9000:25a2:3000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UtaLhd9K6h6Mf.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:3000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3afad7944608ccb8f39bb022444e73be0d7d2bc03ade1aebd436d17c3c2eefc4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:10 GMT
via: 1.1 aca4cfc16ad0f84e78738cc400bfb7f4.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH55-P1
age: 127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:57:38 GMT
server: AmazonS3
etag: "5e639fe6c85b0bcfca5ebb1b7d3b3dec"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: cMkvJy0oRlD8ulNKaX56UZkRUUoEqWZ6mVAGGjSUaVChU1PbsmisGw==

GET
H2 204 services Show response
g2.gumgum.com/publishers/13011/ 0
244 B 105ms
32ms XHR
text/plain 54.170.58.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/publishers/13011/services?dp=https%3A%2F%2Fobserver.com%2F&pu=https%3A%2F%2Fobserver.com%2F&ogu=https%3A%2F%2Fobserver.com%2F&rf=&r=3.88.30&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A16%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.88.30%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=bce17fc43c6683277dff421ccab307a524fbca5e&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1714069870064&to=-120&vpii=false&vph=1200&vpw=1600&productIds=1&gdprApplies=1
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.58.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-58-114.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://observer.com
date: Thu, 25 Apr 2024 18:31:10 GMT
access-control-allow-credentials: true
server: nginx
timing-allow-origin: *
etag: "0d41d8cd98f00b204e9800998ecf8427e"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 41ms
41ms Image
image/gif 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1212249-1&cid=72813716.1714069867&jid=1700722921&npa=1&_u=aGDAgUAjQAAAAEAEK~&z=320155949

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 49ms
48ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1212249-1&cid=72813716.1714069867&jid=1700722921&npa=1&_u=aGDAgUAjQAAAAEAEK~&z=320155949

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
126 B 9ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=832096553515722&ev=PageView&dl=https%3A%2F%2Fobserver.com%2F&rl=&if=false&ts=1714069870147&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714069867523.1667317607&ler=empty&cdl=API_unavailable&cs_est=true&it=1714069867331&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1294, tbw=3116, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 25 Apr 2024 18:31:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
421 B 180ms
179ms Image
image/gif 34.216.236.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=4207784&ntv_pl=1092087
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.236.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-236-248.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:10 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 privacyConsent
jadserve.postrelease.com/ 43 B
421 B 178ms
177ms Image
image/gif 34.216.236.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/privacyConsent?ntv_pl=1127205&ntv_gdpr_consent=&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.236.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-236-248.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:10 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 56ms
29ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: observer.com
URL: https://observer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zgTRIDojRJmnmBTwUyI2Vw==
age: 7
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Wed, 24 Apr 2024 02:34:14 GMT
server: cloudflare
etag: 0x8DC64070814D9A8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 91415424-301e-0069-1b61-9600cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87a06892bfe236dd-FRA
expires: Fri, 26 Apr 2024 18:31:10 GMT

GET
H2 200 3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js Show response
cdn.permutive.com/ 365 KB
87 KB 54ms
25ms Script
application/javascript 2606:4700::6811:7611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Requested by: Host: observer.com
URL: https://observer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39727f9b7aca589784dccb043e74ad342e0e12d51574a6c56805258391383019

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 3b5c18b9-96b7-48e4-a3ef-011eb84a970d
age: 0
x-guploader-uploadid: ABPtcPoN_Y3LgSzJxxaBy3MweMDSGo6OEOX2_CiMitTCqEKO9Gj00kZcDpdF9IeORf3JUQ6qjg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
content-length: 88221
last-modified: Mon, 04 Dec 2023 18:06:56 GMT
server: cloudflare
etag: "7f7c522a45dee2d28cc83565b3c530ae"
vary: Accept-Encoding
x-goog-generation: 1701713216013437
content-type: application/javascript
x-goog-hash: crc32c=SOUSNA==, md5=f3xSKkXe4tKMyDVls8Uwrg==
cache-control: public, max-age=900
x-goog-stored-content-length: 88221
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87a06892c8348f40-FRA
expires: Thu, 25 Apr 2024 18:46:10 GMT

GET
H2 200 6a95224d-e53b-4c23-b2a6-31faa3db3cc4.json Show response
cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/ 3 KB
2 KB 56ms
38ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/6a95224d-e53b-4c23-b2a6-31faa3db3cc4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc8f8f131774a8405d79658e64366f7044e6f439cfccaf977aecf0deb4c052e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 81753
content-md5: 0CCuNb2oi4MBXRI3Igqd4w==
content-length: 1135
x-ms-lease-status: unlocked
last-modified: Thu, 12 Nov 2020 16:47:25 GMT
server: cloudflare
etag: 0x8D8872AA28370D2
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9ad88797-901e-0094-7055-148eea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87a068930c9b2c79-FRA
expires: Fri, 26 Apr 2024 18:31:10 GMT

GET
H3 200 sdk-runtime-config.js Show response
sandbox.tinypass.com/api/v3/anon/assets/ 266 B
430 B 46ms
31ms XHR
application/json 104.18.176.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=CMrLcDjZsu

Requested by

Host: sandbox.tinypass.com
URL: https://sandbox.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeeca7f7606664ffc7f5bc77a638613d793cba1e89b6fc250e50a5bbcedd0436

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:10 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Apr 2024 15:00:27 GMT
server: cloudflare
age: 12643
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 87a068931fe4bb97-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: Sr07ics63cA
expires: Thu, 25 Apr 2024 22:31:10 GMT

GET
H2 200 pxid Show response
3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/ 46 B
383 B 48ms
20ms XHR
application/json 35.241.9.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/v2.0/pxid?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 751ab7f99b150c083477932738d2887ea11147d82a7e2e7548962ee2419e92ee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
698 B 75ms
14ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 18:31:10 GMT
an-x-request-uuid: da016ece-5a91-4393-9dcb-6fb1304ef020
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://observer.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.196; 80.255.10.196; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 200
OK c43075f8-e4eb-4dea-9bd9-c2eed28a4de4
https://observer.com/ 76 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://observer.com/c43075f8-e4eb-4dea-9bd9-c2eed28a4de4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0c89ae1b6ee5da942accbbf66c5853d64ff32b0d08247ebb4fb5fd025bc843

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 78105
Content-Type

GET
BLOB 200
OK 9da7eef8-4c95-43b4-9d73-e21ec803d699
https://observer.com/ 76 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://observer.com/9da7eef8-4c95-43b4-9d73-e21ec803d699
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0c89ae1b6ee5da942accbbf66c5853d64ff32b0d08247ebb4fb5fd025bc843

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 78105
Content-Type

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 260 B
361 B 46ms
17ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 7091197f441ac5d7d26b49ce0528e9b4dd84a08cace92ba8ca896641d908e884

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 307 B
275 B 49ms
21ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 90d614055473a8d8bca4a7934c3b3cf482c6b8a021fdac29317880e499286eb5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 58ms
38ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept: application/json
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 18:31:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 87a068936e1f9034-FRA
access-control-allow-headers: Content-Type

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 37ms
28ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e8021101b7107539fd6ae30ed33cf6838d7ce7c92f023a540a0050605687a481

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 36 B
91 B 27ms
26ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 95ad89143c22c60442bfab4646c8a5e85cef5f091e0f26405a160e2197f73706

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 25 Apr 2024 18:31:10 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
content-type: application/json

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.9.0/ 341 KB
74 KB 26ms
26ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 56jOXvghU3RiFIKiZ2Zh+g==
age: 1799
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 75725
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:12 GMT
server: cloudflare
etag: 0x8D88D721D404CB2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 037c5acf-b01e-0083-4e54-2327e1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87a06893b93336dd-FRA

POST
H3 200 audiences Show response
api.permutive.com/audience-matching/v1/id/a5333ff7-578d-4d40-8809-eb81177db49b/ 12 B
25 B 77ms
76ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/a5333ff7-578d-4d40-8809-eb81177db49b/audiences?k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Apr 2024 18:31:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/ 73 KB
13 KB 37ms
37ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a95224d-e53b-4c23-b2a6-31faa3db3cc4/3f4fae5c-af44-4ce7-8f4d-cb1cf522c97c/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c724c4cb202cda5ac3fc5dd433b3403995f9c2ddd9b45f52713de38a62deedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 81752
content-md5: EBsOpg7Elu1REC0UgglQbw==
content-length: 12888
x-ms-lease-status: unlocked
last-modified: Thu, 12 Nov 2020 16:47:33 GMT
server: cloudflare
etag: 0x8D8872AA6D573E5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 276d6e86-b01e-0058-7432-0de1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87a06893eda32c79-FRA
expires: Fri, 26 Apr 2024 18:31:10 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 13 KB
3 KB 28ms
28ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nLr4hEi4fuLY/p0DQsLcMA==
age: 55541
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3343
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D721792550E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b3cfae66-201e-005a-4d72-795f64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87a068943e012c79-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.9.0/assets/ 62 KB
15 KB 23ms
23ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.9.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.9.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Apr 2024 18:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ue/MTNcIjSCNWtleQfbrzg==
age: 81752
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14986
x-ms-lease-status: unlocked
last-modified: Fri, 20 Nov 2020 16:34:03 GMT
server: cloudflare
etag: 0x8D88D7217E98574
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0a5af3cd-701e-0025-5690-1390ff000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87a068943e062c79-FRA

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 17ms
17ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 7c38e8de0514c5c48ec66a034b1fe3a5b13f01ac56ea1eca3e98fe0637e54922

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 25 Apr 2024 18:31:11 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://observer.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 50ms
50ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=6b8d2782-a057-45b2-b2fd-5e7238c30400
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3b5c18b9-96b7-48e4-a3ef-011eb84a970d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://observer.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 25 Apr 2024 18:31:11 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
observer.com/	1970-01-21 05:43:49	Name: hcpermutive_uuid Value: ac579c2e-ce39-4114-8613-4207b87a7560
observer.com/	1970-01-20 20:07:51	Name: sailthru_pageviews Value: 1
.observer.com/	1970-01-20 20:07:51	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://observer.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1714069867275%2C%22slts%22:0}
.observer.com/	1970-01-21 05:37:13	Name: _parsely_visitor Value: {%22id%22:%22pid=294ce0229b62d88d62495c0af1244361%22%2C%22session_count%22:1%2C%22last_session_ts%22:1714069867275}
.observer.com/	1970-01-20 20:09:16	Name: _gid Value: GA1.2.1668534808.1714069867
.observer.com/	1970-01-21 05:43:49	Name: _ga_T9PLB60R8S Value: GS1.1.1714069867.1.0.1714069867.60.0.0
.observer.com/	1970-01-21 05:36:37	Name: _pcid Value: %7B%22browserId%22%3A%22lvfkxy81jx913863%22%7D
observer.com/	1970-01-20 20:07:50	Name: __adblocker Value: false
.observer.com/	1970-01-20 22:17:25	Name: _fbp Value: fb.1.1714069867523.1667317607
.piano.io/	1970-01-20 20:07:51	Name: __cf_bm Value: vSbNAsJWJZ9eGfwVqLzJ9CkeWuBTaftJ1UTbfDfE3Bs-1714069867-1.0.1.1-8Zmw.pcg2AVY8YHlMzPQVuknFk7D5mioVd2jvKPOmF53i3H.8e368rRxsrX9EPpRDjndptr_rzQI2aeSLsCRtA
.observer.com/	1970-01-21 05:43:49	Name: __tbc Value: %7Bkpex%7DYv7xnnkdm8OxsedHg1YSZVdTU3wEERCQM5U4cL1uHVdQ5UnP7_LkxLABlshujTYy
.observer.com/	1970-01-20 20:51:01	Name: __pat Value: -14400000
.observer.com/	1970-01-20 20:09:16	Name: __pvi Value: eyJpZCI6InYtMjAyNC0wNC0yNS0yMC0zMS0wNy0zOTYtUVo3UnRkdVZnM29UclFISS1iMjAyYTYwYjljNGYwZGU2MzYxNWUzYjY2MWViZjg2MSIsImRvbWFpbiI6Ii5vYnNlcnZlci5jb20iLCJ0aW1lIjoxNzE0MDY5ODY3NTUwfQ%3D%3D
.observer.com/	1970-01-21 05:36:37	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g
.observer.com/	1970-01-21 05:43:49	Name: xbc Value: %7Bkpex%7Dc91PSDFQ5TNyVMGTPhyD4oSBVbQWeLlSI8O1teMOGbE
.observer.com/	1970-01-21 05:36:37	Name: _awl Value: 2.1714069867.5-edb3bc129d77c684fc129eb9b08f7cac-6763652d6575726f70652d7765737431-0
observer.com/	1970-01-21 04:53:25	Name: sailthru_visitor Value: 3e745ce3-6fb8-496a-8fd8-dfde62fc07a7
observer.com/	1970-01-20 20:09:16	Name: userVisitTime Value: 1714069867700
observer.com/	1970-01-20 20:07:51	Name: sailthru_overlays Value: b1adba21-b19e-44b6-ae1f-9721d100122e
.observer.com/	1970-01-21 04:53:25	Name: _sharedID Value: 67b5575c-a939-4e45-8b70-fb868b06fc7d
.observer.com/	1970-01-21 04:53:25	Name: _sharedID_cst Value: zix7LPQsHA%3D%3D
.observer.com/	1970-01-21 05:43:49	Name: _ga Value: GA1.2.72813716.1714069867
.observer.com/	1970-01-20 20:07:49	Name: _dc_gtm_UA-1212249-1 Value: 1
.observer.com/	1970-01-21 04:53:25	Name: _hjSessionUser_3537567 Value: eyJpZCI6IjZmMTdjOWNhLTMyMzktNTJhZS1hZGExLWQ3NTRjY2Q5NTZlNCIsImNyZWF0ZWQiOjE3MTQwNjk4NzAxMTIsImV4aXN0aW5nIjpmYWxzZX0=
.observer.com/	1970-01-20 20:07:51	Name: _hjSession_3537567 Value: eyJpZCI6IjY2MjMwOTcyLWI0ZTEtNDhkYy05NGFiLTA0NTRkNmJhYzNjOSIsImMiOjE3MTQwNjk4NzAxMTMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.gumgum.com/	1970-01-21 04:53:25	Name: cs Value: true
.postrelease.com/	1970-01-21 04:53:25	Name: opt_out Value: 1
observer.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":4207784,"placementID":1092087,"lastInteraction":1714069870426,"sessionStart":1714069870426,"sessionEndDate":1714082400000,"experiment":""}
.observer.com/	1970-01-21 00:31:21	Name: permutive-id Value: a5333ff7-578d-4d40-8809-eb81177db49b
.3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co/	1970-01-20 22:18:52	Name: pxid Value: ea73e376-61cc-46ce-8ad1-038bb4d8160c
.adnxs.com/	1970-01-21 05:43:49	Name: receive-cookie-deprecation Value: 1
.observer.com/	1970-01-21 04:53:25	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Apr+25+2024+20%3A31%3A10+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=6.9.0&hosts=&landingPath=https%3A%2F%2Fobserver.com%2F&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/618909876214345?v=2.9.154&r=stable&domain=observer.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://observer.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://observer.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://observer.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://observer.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://observer.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://observer.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://observer.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://observer.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b5c18b9-96b7-48e4-a3ef-011eb84a970d.prmutv.co
aax.amazon-adsystem.com
ak.sail-horizon.com
ams-pageview-public.s3.amazonaws.com
api.permutive.com
api.sail-personalize.com
c.amazon-adsystem.com
c2-sandbox.piano.io
cdn.cookielaw.org
cdn.id5-sync.com
cdn.parsely.com
cdn.permutive.com
config.aps.amazon-adsystem.com
connect.facebook.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
geolocation.onetrust.com
htlbid.com
ib.adnxs.com
jadserve.postrelease.com
js.gumgum.com
observer.com
overlay-track.sailthru.cloud
p1.parsely.com
pixel.wp.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.analytics.google.com
rules.quantcount.com
s.ntv.io
sandbox.tinypass.com
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
stats.wp.com
truculentrate.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.npttech.com
104.103.207.236
104.16.144.111
104.18.176.126
108.138.6.136
13.249.9.46
13.32.27.54
142.250.181.238
142.250.185.206
142.250.186.35
142.250.186.36
157.240.252.13
172.67.155.215
18.245.31.123
18.245.86.118
18.66.102.53
18.66.112.84
18.66.143.149
185.89.210.212
192.0.66.160
192.0.76.3
2001:4860:4802:32::36
23.20.111.240
2600:1901:0:7416::1
2600:9000:20ab:600:11:b309:9100:21
2600:9000:2394:da00:5:82fd:2500:21
2600:9000:2450:b600:8:48e:53c0:93a1
2600:9000:25a2:3000:6:44e3:f8c0:93a1
2606:4700:10::6816:3556
2606:4700:4400::6812:2089
2606:4700::6811:7611
2606:4700::6813:b234
2620:116:800d:21:62d6:bce2:3622:ab07
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.161.77.50
3.239.232.63
3.5.11.188
34.107.254.252
34.149.178.20
34.216.236.248
35.241.9.51
52.21.67.129
52.84.174.23
54.170.58.114
63.34.81.234
75.2.40.13
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08137d731439f76c8cd0193d46327d52c4502db4021386720da4be5137edcb54
092ba44b604265b3a250eb85cbc4ae21492592b8cd7fa29b50a727bd6a16b9f3
0e5d8531aedae1051fb0901d9912ad820054c1405cec3b23c523a90a32538054
131ab8c9c680e2be5a66a9261dc4dc672abd61ba2b5d09e58337023f0fdf7388
14b27b959663f40325736814b0a55096dbcf0d1cbd2dea1e862d9ce8240376cc
1889f65ec8711c38d9f5789d2fcd4d2f13fa1d1e4b8b3bc4d4a7193c0fae5f1e
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c1655d5af19b9ba4d9bee84c8fe75ea37ffd33b80c0cc6d9aa8642077e0d06c
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1eaa858a0906f3ff2fd5f328ddce3c4ee7e9d26402aa93d790901b8f6b5fb377
21518ef157a10926512edff2d621b03c1a867affafe2f5247cfe3fb19e831edb
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2c31c1abaa3915e26174ac591888e93e45713747dd20ffa548dff3ee533e6dd2
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
2cbc6c13af45bc311311531d579cd7e529376564ba3eef9af1f50e02f0998db0
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ec23484fae47980001eed8805ef2fa389d25d6b9db0a5aaeb41ecb76c411905
2f0c89ae1b6ee5da942accbbf66c5853d64ff32b0d08247ebb4fb5fd025bc843
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
36e24dc06e51fdd9b13497039bf3c286b61476669c715a274b9a6703b4000a2b
381ff64a0a5b63cf96ac734d0b8a7d113de46c751f1d13a7919a2b02964b1d7a
39727f9b7aca589784dccb043e74ad342e0e12d51574a6c56805258391383019
3a7ab362bfd8cc11527812e52f934f1676932bd373d931d87d91cd78a6ea6f50
3afad7944608ccb8f39bb022444e73be0d7d2bc03ade1aebd436d17c3c2eefc4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4012b0cd05d90a3e3c3fdf098ac089acbfa390fd85dbf1733079178370e5ab7d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
465cc2f8495abf31da70167333f686570bdffbce832932aed8c586987c34d75e
4b6155e5f0fdadaeafe2764fde5e47ed93e4ebfc87aa25cf7abb93ca0e77cc50
4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
579f4cac83f34e2345da9284c385e781a3b67651fbf07ad31141b4d759cc5704
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5ae4511cca9105f1d4a785b54345acc66ba7a06dd9352fa9b5b280475cb05d63
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5c724c4cb202cda5ac3fc5dd433b3403995f9c2ddd9b45f52713de38a62deedd
5d55f7c21f317b20841033125e19ef280ff06aba9c8cb5ee2d6065220d8e5a30
5dcc91d8afece472ec1fa7b0c35200cd3f4b253678726472dff6a60fee20b6e4
5f1af9bac81d90cae055dc049058b0038311d9a828cd2685d11b8cd2fa400bb9
5f4871b277dbebec4d8490673a48154537dc6f1969140f67c333e85704b50564
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64a6292aa44ac001a7c6026ff4e1a84752c43bb8bacecc61cf0cb1fec6d2a98e
6785db2e9824cd6830d866138ae53bb7f4e7b674af917d5603ba7ae8e7ed4b91
6a13b93c05af6ec6255b737032aa3f5d1f4823ed2d57d12c0735bd2c4adc8efc
6c05e433ca10b433edfc856fd903cb5f2da848a54e4507642a48981deed8bb05
6eb7a18174bf6a3ba003999e45eecbb81059c52b2c7b2da91b85e944e948c6e6
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
6f90222580ee23e209117a7b00b615ff1bdeb4662ddd3949cb3a44198bc36ce0
7091197f441ac5d7d26b49ce0528e9b4dd84a08cace92ba8ca896641d908e884
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74cd24ddc81aa3ee59910410a00b9fb31dfba22b8f185de0a8a9f46103b97f4a
74e72473f970d838c52ed8c8fadf1c25883dd561d66df3856bfc137b9da2fea0
751ab7f99b150c083477932738d2887ea11147d82a7e2e7548962ee2419e92ee
752d88609fbe6d78c2ff1add6b15af083d4749d3d7a1123a14b16680a1d46737
7b56af893358318f9825834c44e15ba72af5dd08fda34a56c0bd7b6ef1d9f355
7becc09d43b550e2a43e20e0037f1283c9830a62c7d0e5cab6ee9ee50998ec0b
7c38e8de0514c5c48ec66a034b1fe3a5b13f01ac56ea1eca3e98fe0637e54922
7cc8f8f131774a8405d79658e64366f7044e6f439cfccaf977aecf0deb4c052e
7df673e538998d7c9cf0962551f429a5903f021b4f3af4e5dd050f79224d3ef5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e13b47921ee79d3fab38b733e08dc04ca99b25c1880cb25475c9315ddc2146
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
883553c0f119a1d0b10f230aa90a395ccc85fadcb17e50295dc36ce1379130e4
90d614055473a8d8bca4a7934c3b3cf482c6b8a021fdac29317880e499286eb5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94192424866461cfb1b0e1684654325dd00e5581cbb395d507d613bbb22fdbf9
95ad89143c22c60442bfab4646c8a5e85cef5f091e0f26405a160e2197f73706
97816b3ca3d676b5241a16fd6fb3f3e4050a3b99c914f0a66f0bcc074617ba80
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9d5e418b5750653e02058cfa67d6b8f6311359cb276229f2d7307ffa05b3f840
9e6f27c1cafd285e55e9a7507489d02e2780f88d3cf5838b0965dbfed021c9f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a384a78bc8bee6afceab3ff107315b1bdcc0fd2622246826d16b503e742a8cdf
a7b23f357530667a4d5d574a7b9141f0858db9f3dc49ad1e676bd850b8093c22
aa9dc3aec9b193b203f29f43be8b0fa8deb2a7e2eeff778df4103edf49d31506
ac612ff993ea195af47c46aef917a2d1e044f99b46ee6c51b165bf57ddcd59a7
ada854a2ed3e67a9aec6ef16309a559a0a80f1211e867c3d2f69f8740ebd0583
aeeca7f7606664ffc7f5bc77a638613d793cba1e89b6fc250e50a5bbcedd0436
af45f246a7204aeafd97d5b7d2952bb4da61778eacf0f7cbfe286ad8874a7c61
b124286a54721ec239d0e986d2e12d75b5ada2d7b3afed181d7f129896c680ff
b5ea0b0db096a448f119be16ce2dbd9d5811db9470d79151605dd54e12bf7108
b6cf23ed282a5cb25c43c5923908a43cc8c4c9e92b23a1f73eb7b0af46ef6534
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7e6db8dfe79e6581a5accc07438706f2ff043bc6f9cb4f61f549a4f5d0ee4e8
ba2892f2fcef62f8b3b171f3a42590519552d8a823e606ae281bfabac5dc4b52
ba7adb6ed12d9d3bb22cbbfb4075ac7d5ca7e96a0f69ed30403d320f3aeb3ecf
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1718bf9b04dc8fcdf7c1ef4ed00516bbce6de5f8ee489669fc83e9d7c726ac
bcce269fe4e329e6aac07bda59f9f10948f0ff09a492146306f16bfc24a99e35
c0eb09d747f4cb0d61057afe50609d7419873b0bdbc56f6965f3098a1cf6d975
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c25bfba09c2fb6a0cfe78ffe6df3f37db5b5a484f4ede8e0b716f6cea743b747
c2dcbc7a1fe3f33dcbc12f7061d22bfb2c4affa2f46210999dd39d05dc903550
c46b033d7688f2f46e87a04634a1389db91ceea1be9cb70d1ae9205819739a7e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf50e6b50c2e03441b18e6b559f23825f66aa543d5bf7ef52d14fc19bd60785e
d17298826b7b7ed19af4942adf03fbcea7a7cd9cd5f25a5b9fb0674c71828c87
d1fb21122f0c73e6ee3447d1b28ae8d7abf2d77c8626e4ce0ebf7bb52d1facf5
d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3
d960ec924eb69e567c94f9ba13ed16056553c7ae133c0c489a5805307e04e3d0
da6374c9a2081446ee989dd64ecb74c2286bdef1e60d1e087472718421b8ef2b
da647cc58cb47f8297cdc2adae55deefd11954516476e8717671c4910f96d201
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1c3df7003442cd90241468aba4bd1c592bb932eec8e50164470b43f21901b61
e28555470d56208a9945bc269e9e16d41a28d14442608ce40da281331492fce3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e403519d23bf3823766a2e4e2615efe5e7b0924d354e37898f5317905bb7521e
e544c0243ce3eb74dadf47f4dcda9e975502dc0ce5d59dea7dcb76397e403925
e780157a9cf6ec568aa60261b0694c2967add35226ed1c7a465c699f1ecc2594
e8021101b7107539fd6ae30ed33cf6838d7ce7c92f023a540a0050605687a481
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
e979ec51a65a695c3d1a8796dda3649fc4f8096b0c362c1459c6d9a75b9f9b95
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5f8d6a9ea52bd9b20497b837b74bde31586062d5b0e16be75f8bbdffc29840
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f53a1349c7e1b1bd2285747e1ffc2ccfd224dfdaf69e25177b9a450f64472fad
fb44400a61edda0b628ad2ff62cb5d299fab4e7a18d586ae7d70481c6c9550b2

observer.com Open in urlscan Pro 192.0.66.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

98 %HTTPS

39 %IPv6

38 Domains

51 Subdomains

55 IPs

6 Countries

2425 kBTransfer

7942 kBSize

32 Cookies

14 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

observer.com Open in urlscan Pro
192.0.66.160 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

98 %
HTTPS

39 %
IPv6

38
Domains

51
Subdomains

55
IPs

6
Countries

2425 kB
Transfer

7942 kB
Size

32
Cookies

145 HTTP transactions
3 data transactions