www.newsobserver.com Open in urlscan Pro
104.96.161.200 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g
Effective URL:
https://www.newsobserver.com/news/local/article265792376.html
Submission: On September 23 via api (September 23rd 2022, 10:47:35 pm UTC) from US — Scanned from DE

Summary HTTP 161 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 47 IPs in 5 countries across 36 domains to perform 161 HTTP transactions. The main IP is 104.96.161.200, located in Vienna, Austria and belongs to AKAMAI-AS, US. The main domain is www.newsobserver.com. The Cisco Umbrella rank of the primary domain is 108823.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 1st 2022. Valid for: 5 months.

This is the only time www.newsobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a02:26f0:f70... 2a02:26f0:f700:290::3277	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a02:26f0:350... 2a02:26f0:3500:584::1aca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
32	104.96.161.200 104.96.161.200	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
2	3.213.88.240 3.213.88.240	14618 (AMAZON-AES) (AMAZON-AES)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:7e2f::1	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.104 52.222.236.104	16509 (AMAZON-02) (AMAZON-02)
3	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.32.199 34.248.32.199	16509 (AMAZON-02) (AMAZON-02)
2	52.30.247.235 52.30.247.235	16509 (AMAZON-02) (AMAZON-02)
2 2	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
9	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
3	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
2	13.32.110.81 13.32.110.81	16509 (AMAZON-02) (AMAZON-02)
1 6	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	199.232.198.217 199.232.198.217	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2962	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.215.40 143.204.215.40	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:1200:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:c400:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223f:c800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
1	96.16.147.243 96.16.147.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
1	184.51.9.197 184.51.9.197	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
1	3.236.169.39 3.236.169.39	14618 (AMAZON-AES) (AMAZON-AES)
6	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:2... 2600:1901:0:2de6::1	15169 (GOOGLE) (GOOGLE)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
1	54.175.195.64 54.175.195.64	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.239.245 35.186.239.245	15169 (GOOGLE) (GOOGLE)
1	34.120.133.69 34.120.133.69	15169 (GOOGLE) (GOOGLE)
1	34.102.180.93 34.102.180.93	15169 (GOOGLE) (GOOGLE)
8	52.16.246.173 52.16.246.173	16509 (AMAZON-02) (AMAZON-02)
2	3.120.48.214 3.120.48.214	16509 (AMAZON-02) (AMAZON-02)
1	34.107.191.194 34.107.191.194	15169 (GOOGLE) (GOOGLE)
1	34.111.8.32 34.111.8.32	15169 (GOOGLE) (GOOGLE)
1	34.102.193.48 34.102.193.48	15169 (GOOGLE) (GOOGLE)
161	47

3 2a02:26f0:f700:290::3277 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

apple.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:584::1aca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.96.161.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-161-200.deploy.static.akamaitechnologies.com

www.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.213.88.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-88-240.compute-1.amazonaws.com

trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7e2f::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

flowerstreatment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-104.fra56.r.cloudfront.net

mcclatchy-newsobserver.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

edge.adobedc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.32.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-32-199.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.247.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-247-235.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.66.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

vd.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-81.vie50.r.cloudfront.net

mcclatchy-newsobserver.cdn.zephr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.217 (United States)

ASN54113 (FASTLY, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-40.fra53.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:1200:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:c400:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:c800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.147.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-147-243.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.197 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-197.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.236.169.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-39.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:2de6::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

scissorsstatement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.195.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-195-64.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.239.245 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 245.239.186.35.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.133.120.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.180.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.180.102.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.16.246.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-246-173.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.48.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-48-214.eu-central-1.compute.amazonaws.com

depart.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.191.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.191.107.34.bc.googleusercontent.com

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	newsobserver.com www.newsobserver.com — Cisco Umbrella Rank: 108823	5 MB
10	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1036 sync-tm.everesttech.net — Cisco Umbrella Rank: 562 lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 6631	1 KB
8	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1218	6 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	373 KB
8	apple.com www.apple.com — Cisco Umbrella Rank: 278	792 KB
7	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2202 api.bounceexchange.com — Cisco Umbrella Rank: 2463	205 KB
7	trinitymedia.ai trinitymedia.ai — Cisco Umbrella Rank: 12006 vd.trinitymedia.ai — Cisco Umbrella Rank: 15076 depart.trinitymedia.ai — Cisco Umbrella Rank: 13799	332 KB
6	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3546 cds.connatix.com — Cisco Umbrella Rank: 3689 capi.connatix.com — Cisco Umbrella Rank: 3850	291 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 imasdk.googleapis.com — Cisco Umbrella Rank: 424	129 KB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 5826 page.cdnbasket.net — Cisco Umbrella Rank: 5828 view.cdnbasket.net — Cisco Umbrella Rank: 5832	1014 B
3	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 12509 www.i.matheranalytics.com — Cisco Umbrella Rank: 12450	42 KB
3	adobedc.net edge.adobedc.net — Cisco Umbrella Rank: 7004	2 KB
3	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 10262 dpm.demdex.net — Cisco Umbrella Rank: 208	4 KB
3	apple.news apple.news — Cisco Umbrella Rank: 240	17 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 4512 e.cdnwidget.com — Cisco Umbrella Rank: 14210	304 B
2	scissorsstatement.com scissorsstatement.com — Cisco Umbrella Rank: 56743	729 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2822 p1.parsely.com — Cisco Umbrella Rank: 2187	24 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 153	2 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1310	94 KB
2	cloudfront.net d15kdpgjg3unno.cloudfront.net dyv1bugovvq1g.cloudfront.net	21 KB
2	zephr.com mcclatchy-newsobserver.cdn.zephr.com — Cisco Umbrella Rank: 409867	988 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 210	711 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	88 KB
1	amazonaws.com sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 4890	658 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1400	593 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3145	137 KB
1	everestjs.net www.everestjs.net — Cisco Umbrella Rank: 6261	3 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 6235	37 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 575	465 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1358	35 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	306 B
1	scroll.com static.scroll.com — Cisco Umbrella Rank: 5555	7 KB
1	zeustechnology.com mcclatchy-newsobserver.zeustechnology.com — Cisco Umbrella Rank: 291049	53 KB
1	heraldsun.com www.heraldsun.com — Cisco Umbrella Rank: 303947	4 KB
1	flowerstreatment.com flowerstreatment.com — Cisco Umbrella Rank: 56349	28 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	966 B
161	36

	Domain	Requested by
31	www.newsobserver.com	apple.news www.newsobserver.com
8	jadserve.postrelease.com	s.ntv.io www.newsobserver.com
8	sync-tm.everesttech.net	www.newsobserver.com
8	www.apple.com	apple.news www.apple.com
7	fonts.gstatic.com	fonts.googleapis.com
6	assets.bounceexchange.com	tag.wknd.ai assets.bounceexchange.com
3	cds.connatix.com	www.newsobserver.com cd.connatix.com
3	vd.trinitymedia.ai	trinitymedia.ai
3	edge.adobedc.net	www.newsobserver.com
3	fonts.googleapis.com	www.newsobserver.com vd.trinitymedia.ai
3	apple.news	apple.news
2	depart.trinitymedia.ai	vd.trinitymedia.ai
2	scissorsstatement.com	flowerstreatment.com
2	js.matheranalytics.com	1 redirects www.newsobserver.com
2	sb.scorecardresearch.com	www.newsobserver.com
2	confiant-integrations.global.ssl.fastly.net	www.newsobserver.com confiant-integrations.global.ssl.fastly.net
2	capi.connatix.com	www.newsobserver.com cd.connatix.com
2	mcclatchy-newsobserver.cdn.zephr.com	www.newsobserver.com
2	cm.g.doubleclick.net	2 redirects
2	dpm.demdex.net	www.newsobserver.com
2	trinitymedia.ai	www.newsobserver.com vd.trinitymedia.ai
2	connect.facebook.net	www.newsobserver.com connect.facebook.net
1	e.cdnwidget.com	www.newsobserver.com
1	api.bounceexchange.com	assets.bounceexchange.com
1	ids.cdnwidget.com	assets.bounceexchange.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	www.i.matheranalytics.com	www.newsobserver.com
1	p1.parsely.com	www.newsobserver.com
1	lasteventf-tm.everesttech.net	www.everestjs.net
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	geo.privacymanager.io	ats.rlcdn.com
1	s.ntv.io	www.newsobserver.com
1	cdn.parsely.com	www.newsobserver.com
1	www.everestjs.net	www.newsobserver.com
1	tag.wknd.ai	www.newsobserver.com
1	static.adsafeprotected.com	flowerstreatment.com
1	dyv1bugovvq1g.cloudfront.net	www.newsobserver.com
1	d15kdpgjg3unno.cloudfront.net	www.newsobserver.com
1	ats.rlcdn.com	www.newsobserver.com
1	geolocation.onetrust.com	www.newsobserver.com
1	static.scroll.com	www.newsobserver.com
1	cd.connatix.com	1 redirects
1	imasdk.googleapis.com	www.newsobserver.com
1	www.gstatic.com	www.google.com
1	cm.everesttech.net	1 redirects
1	mcclatchy-newsobserver.zeustechnology.com	www.newsobserver.com
1	www.heraldsun.com	www.newsobserver.com
1	flowerstreatment.com	www.newsobserver.com
1	adobedc.demdex.net	www.newsobserver.com
1	www.google.com	www.newsobserver.com
161	52

This site contains links to these domains. Also see Links.

Domain
www.heraldsun.com
account.newsobserver.com
mycheckout.newsobserver.com
liveedition.newsobserver.com
jobs.newsobserver.com
www.legacy.com
newsobserver.newspapers.com
subscribe.newsobserver.com
myaccount.newsobserver.com
go.mcclatchy.com
t.news.newsobserver.com
www.facebook.com
twitter.com
instagram.com
www.youtube.com
www.votedraleighsbest.com
markets.financialcontent.com
games.newsobserver.com
placead.mcclatchy.com
www.accesousa.com
classifieds.mcclatchy.com
www.linkedin.com
www.pinterest.com
www.reddit.com
www.mcclatchyreprints.com
www.wintervillenc.com
www.witn.com
newsobserver.com
www.mcclatchy.com
privacy-central.securiti.ai

Subject Issuer	Validity	Valid
c.apple.news Apple Public Server RSA CA 12 - G1	`2022-02-10` - `2023-03-12`	a year	crt.sh
www.apple.com Apple Public EV Server RSA CA 2 - G1	`2022-04-19` - `2023-05-19`	a year	crt.sh
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-01` - `2022-12-14`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-03` - `2022-10-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2021-12-13` - `2022-12-15`	a year	crt.sh
adobedc.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
flowerstreatment.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.zeustechnology.com Amazon	`2022-04-15` - `2023-05-14`	a year	crt.sh
edge.adobedc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-18` - `2022-11-18`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
vd.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2021-12-13` - `2022-12-16`	a year	crt.sh
*.cdn.zephr.com Amazon	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
*.scroll.com R3	`2022-08-25` - `2022-11-23`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-04` - `2023-06-05`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
tag.wknd.ai R3	`2022-07-28` - `2022-10-26`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.everestjs.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-12-04` - `2022-12-06`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
queue.amazonaws.com Amazon	`2022-08-19` - `2023-08-14`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2022-08-07` - `2022-11-05`	3 months	crt.sh
scissorsstatement.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
www.i.matheranalytics.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2	`2021-09-27` - `2022-09-27`	a year	crt.sh
*.postrelease.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
depart.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2021-12-13` - `2022-12-28`	a year	crt.sh
ids.cdnwidget.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.wunderkind.co R3	`2022-08-13` - `2022-11-11`	3 months	crt.sh
e.cdnwidget.com R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.newsobserver.com/news/local/article265792376.html
Frame ID: CA880456214FBAE9FAD9F3CE4CA21D1E
Requests: 138 HTTP requests in this frame

Frame: https://cds.connatix.com/p/184615/connatix.playspace.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Frame ID: 0AE83402A8B4F336134D722512CA10E4
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/8cd249bd-f388-4b8c-bd69-29d915fd22f7
Frame ID: 0C652ACD7ACEB4B4374FCAA4B1270C7C
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/a8fcca77-fd07-4903-9976-44add525b6cc
Frame ID: D0F2AC31AB5007AFC52BBF1FA7017C43
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/af38e6bb-6a05-42cc-ae82-50a43263c689
Frame ID: 8153438FB20C669F5152C238241EB143
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/6f24264d-5758-4217-aee5-0cec13728e91
Frame ID: FB53111BC48C60B5EF8E3F39094EE668
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap
Frame ID: 6F569594B56C376DCEDF07564C9AB073
Requests: 2 HTTP requests in this frame

Frame: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html&unitId=2900000552&userId=185ea88e-2a71-45d8-8190-2456bdf23e33&isLegacyBrowser=false&version=20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207&useCFCDN=0&themeId=315
Frame ID: F980FAA4E827AC1C1D579D740D7E645C
Requests: 8 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 0B449143174601C49935081D5BBDB702
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Black pastor robbery charges vacated, police withheld evidence | Raleigh News & ObserverClose navigation paneltwitteremailphoneVideo mediaVideo media

Page URL History Show full URLs

https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g Page URL
https://www.newsobserver.com/news/local/article265792376.html Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

161
Requests

78 %
HTTPS

29 %
IPv6

36
Domains

52
Subdomains

47
IPs

5
Countries

7488 kB
Transfer

17287 kB
Size

14
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://www.heraldsun.com/

Search URL Search Domain Scan URL

URL: https://account.newsobserver.com/auth0
Title: LOG IN

Search URL Search Domain Scan URL

URL: https://mycheckout.newsobserver.com/
Title: SUBSCRIBE

Search URL Search Domain Scan URL

URL: https://liveedition.newsobserver.com/#navlink=navbar
Title: Triangle Now

Search URL Search Domain Scan URL

URL: https://jobs.newsobserver.com/#navlink=navbar
Title: Jobs/Recruiting

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/newsobserver/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://account.newsobserver.com/my-account/#navlink=subnav
Title: Account Management

Search URL Search Domain Scan URL

URL: https://newsobserver.newspapers.com/#navlink=subnav
Title: Archives

Search URL Search Domain Scan URL

URL: https://subscribe.newsobserver.com/beinformed
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://myaccount.newsobserver.com/ral_no/home#navlink=subnav
Title: Manage Print Subscription

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-https://go.mcclatchy.com/media-capabilities-raleigh/p/1/p/1#navlink=subnav
Title: Media Kit

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newsandobserver/#navlink=subnav
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/newsobserver/#navlink=subnav
Title: Twitter

Search URL Search Domain Scan URL

URL: http://instagram.com/newsobserver/#navlink=subnav
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/TheNewsObserver#navlink=subnav
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.votedraleighsbest.com/
Title: Raleigh's Best

Search URL Search Domain Scan URL

URL: http://markets.financialcontent.com/mi.newsob/markets/#navlink=subnav
Title: Stocks Center

Search URL Search Domain Scan URL

URL: http://games.newsobserver.com/?arkpromo=site_subnav
Title: Games & Puzzles

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/newsobserver/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://placead.mcclatchy.com/obits/raleigh/home/listItems.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://www.accesousa.com/
Title: Acceso USA

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/raleigh/#navlink=subnav
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://jobs.newsobserver.com/#navlink=subnav
Title: Jobs

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/raleigh/category/Legals/Legals
Title: Legals

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Pastor+spent+8+years+in+prison+for+a+crime+he+didn%E2%80%99t+commit.+NC+finally+admits+mistake.&url=https://www.newsobserver.com/news/local/article265792376.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.newsobserver.com/news/local/article265792376.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.newsobserver.com/news/local/article265792376.html&title=Pastor%20spent%208%20years%20in%20prison%20for%20a%20crime%20he%20didn%E2%80%99t%20commit.%20NC%20finally%20admits%20mistake.

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://www.newsobserver.com/news/local/article265792376.html&description=Pastor%20spent%208%20years%20in%20prison%20for%20a%20crime%20he%20didn%E2%80%99t%20commit.%20NC%20finally%20admits%20mistake.&media=https://www.newsobserver.com/wps/build/images/undefined/facebook.jpg

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.newsobserver.com/news/local/article265792376.html

Search URL Search Domain Scan URL

URL: https://www.mcclatchyreprints.com/
Title: ORDER REPRINT →

Search URL Search Domain Scan URL

URL: https://www.wintervillenc.com/
Title: Winterville

Search URL Search Domain Scan URL

URL: https://www.witn.com/content/news/Town-names-a-day-in-honor-of-local-pastor-479100863.html
Title: WITN news

Search URL Search Domain Scan URL

URL: https://twitter.com/joshshaffer08
Title: twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Photos%3A+Former+President+Trump+rallies+supporters+for+candidates+in+NC&url=https://www.newsobserver.com/news/politics-government/national-politics/article266235976.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.newsobserver.com/news/politics-government/national-politics/article266235976.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.newsobserver.com/news/politics-government/national-politics/article266235976.html&title=Photos:%20Former%20President%20Trump%20rallies%20supporters%20for%20candidates%20in%20NC

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://www.newsobserver.com/news/politics-government/national-politics/article266235976.html&description=Photos:%20Former%20President%20Trump%20rallies%20supporters%20for%20candidates%20in%20NC&media=https://www.newsobserver.com/wps/build/images/undefined/facebook.jpg

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.newsobserver.com/news/politics-government/national-politics/article266235976.html

Search URL Search Domain Scan URL

URL: https://mycheckout.newsobserver.com/subscribe?ofrgp_id=395&g2i_or_o=OnSite&g2i_or_p=CTA&cid=cta_dynamic-zone_3a_default-.99mo-2mo-15.99_202205
Title: CLAIM OFFER

Search URL Search Domain Scan URL

URL: https://newsobserver.com/mobile
Title: Raleigh News & Observer App

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newsandobserver

Search URL Search Domain Scan URL

URL: https://twitter.com/newsobserver

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/newsobservertube

Search URL Search Domain Scan URL

URL: https://liveedition.newsobserver.com/#navlink=mi_footer
Title: Triangle Now

Search URL Search Domain Scan URL

URL: https://myaccount.newsobserver.com/ral_no/home#navlink=mi_footer
Title: Vacation Hold

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-news-observer/#navlink=mi_footer
Title: About Us

Search URL Search Domain Scan URL

URL: http://t.news.newsobserver.com/webApp/mccSignupPage?siteName=newsobserver#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/raleigh/category/Legals/Notices%202%20Creditors/#navlink=subnav
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-raleigh
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/raleigh/#navlink=mi_footer
Title: Place a Classified

Search URL Search Domain Scan URL

URL: https://privacy-central.securiti.ai/#/dsr-universal/0a979fab-900d-4113-aab0-e2bf786400ac
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g Page URL
https://www.newsobserver.com/news/local/article265792376.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://cm.everesttech.net/cm/dd?d_uuid=45336054618440511212270410555952944623 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy43gwAAAIksUANx

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDUzMzYwNTQ2MTg0NDA1MTEyMTIyNzA0MTA1NTU5NTI5NDQ2MjM= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDUzMzYwNTQ2MTg0NDA1MTEyMTIyNzA0MTA1NTU5NTI5NDQ2MjM=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPPotRcdkF6T-tcfoGDF9VU&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 89

https://cd.connatix.com/connatix.playspace.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a HTTP 302
https://cds.connatix.com/p/184615/connatix.playspace.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a

Request Chain 116

https://js.matheranalytics.com/s/ma12095/74930332/all/ml.js?cb=1605 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/8/ml.br.js

161 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK PwA9f0YPMD6d-kRQnoIDfYI Show response
apple.news/ 8 KB
3 KB 1038ms
839ms Document
text/html 2a02:26f0:f700:290::3277
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f700:290::3277 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AppleHttpServer/0716b0c1a3a0f9c2fa220619c9901ea42a9aac04 /

Resource Hash

ae37cfc83ca4a628dddc0f42532c80fb7313eb84381d40b6379634d3c416a94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public, no-transform, max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2437
Content-Type: text/html
Date: Fri, 23 Sep 2022 22:47:28 GMT
Server: AppleHttpServer/0716b0c1a3a0f9c2fa220619c9901ea42a9aac04
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000
Vary: Accept-Encoding
X-B3-TraceId: f8352ec0e4e53ec8
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1

GET
H2 200 fonts
www.apple.com/wss/ 15 KB
2 KB 246ms
40ms Stylesheet
text/css 2a02:26f0:3500:584::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Requested by

Host: apple.news
URL: https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:584::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apple.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_MEM_HIT from a23-36-160-136.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
vary: Accept-Encoding
content-length: 913
x-xss-protection: 1; mode=block
cteonnt-length: 15185
server: Apple
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 22:47:29 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-type: text/css;charset=UTF-8
cache-control: max-age=1969
etag: 433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9
expires: Fri, 23 Sep 2022 23:20:18 GMT

GET
H/1.1 200
OK index.css
apple.news/css/ 7 KB
3 KB 220ms
219ms Stylesheet
text/css 2a02:26f0:f700:290::3277
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apple.news/css/index.css

Requested by

Host: apple.news
URL: https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f700:290::3277 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AppleHttpServer/0716b0c1a3a0f9c2fa220619c9901ea42a9aac04 /

Resource Hash

dee7e43b051bd156b70a40ac0e5c532f372d0f2d71632b41e79ec1f517c3c112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: 5675af0b6d8966cc
Connection: keep-alive
Content-Length: 2100
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Sat, 17 Sep 2022 00:23:25 GMT
Server: AppleHttpServer/0716b0c1a3a0f9c2fa220619c9901ea42a9aac04
X-Frame-Options: DENY
Date: Fri, 23 Sep 2022 22:47:29 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=0, no-cache, no-store
Accept-Ranges: bytes
Expires: Fri, 23 Sep 2022 22:47:29 GMT

GET
H/1.1 200
OK Appicon_v6.png
apple.news/images/ 11 KB
12 KB 801ms
685ms Image
image/png 2a02:26f0:f700:290::3277
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apple.news/images/Appicon_v6.png

Requested by

Host: apple.news
URL: https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f700:290::3277 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AppleHttpServer/0716b0c1a3a0f9c2fa220619c9901ea42a9aac04 /

Resource Hash

b29623f7b2ecfc69dc402ccfc1a0c73e1889ffdd4c13840a723fcc02bf550136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Sat, 17 Sep 2022 00:23:25 GMT
Server: AppleHttpServer/0716b0c1a3a0f9c2fa220619c9901ea42a9aac04
X-B3-TraceId: 53c166a87eb63841
Date: Fri, 23 Sep 2022 22:47:29 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11329
X-XSS-Protection: 1; mode=block
Expires: Fri, 23 Sep 2022 22:47:29 GMT

GET
H2 200 sf-pro-display_heavy.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 159 KB
160 KB 148ms
37ms Font
font/woff2 2a02:26f0:3500:584::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_heavy.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:584::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

abe1b56150adaf5a63a856eeb4f9e83fd5ab7f036d2a6bd608ae41f407bc3909

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Thu, 16 Jun 2022 22:54:44 GMT
server: Apple
date: Fri, 23 Sep 2022 22:47:29 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a23-36-160-136.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=1655
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 162416
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 23:15:04 GMT

GET
H2 200 sf-pro-display_bold.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 150 KB
151 KB 245ms
134ms Font
font/woff2 2a02:26f0:3500:584::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_bold.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:584::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

d373cdc98dd21157916f450a67b90653c4a5333eca71a4c0c2cba47c642ded25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Thu, 16 Jun 2022 22:54:44 GMT
server: Apple
date: Fri, 23 Sep 2022 22:47:29 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a23-36-160-136.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (A)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=321
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 153880
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 22:52:50 GMT

GET
H2 200 sf-pro-display_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v1/ 138 KB
139 KB 193ms
82ms Font
font/woff2 2a02:26f0:3500:584::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Display/v1/sf-pro-display_regular.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:584::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

1cd2500f652e5f7611dc8735b1455d572a7aa1ccede57d8e375ff88023cf9ccd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Thu, 16 Jun 2022 22:54:44 GMT
server: Apple
date: Fri, 23 Sep 2022 22:47:29 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a23-36-160-136.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=896
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 141324
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 23:02:25 GMT

GET
H2 200 SFProIcons_semibold.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/ 9 KB
9 KB 241ms
130ms Font
application/font-woff 2a02:26f0:3500:584::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_semibold.woff

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:584::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Thu, 16 Jun 2022 22:54:50 GMT
server: Apple
date: Fri, 23 Sep 2022 22:47:29 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MEM_HIT from a23-36-160-136.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2221
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 8868
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 23:24:30 GMT

GET
H2 200 SFProIcons_regular.woff
www.apple.com/wss/fonts/SF-Pro-Icons/v1/ 10 KB
11 KB 229ms
119ms Font
application/font-woff 2a02:26f0:3500:584::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Icons/v1/SFProIcons_regular.woff

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:584::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Thu, 16 Jun 2022 22:54:50 GMT
server: Apple
date: Fri, 23 Sep 2022 22:47:29 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MEM_HIT from a23-36-160-136.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=1454
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 10380
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 23:11:43 GMT

GET
H2 200 sf-pro-text_semibold.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/ 166 KB
167 KB 234ms
123ms Font
font/woff2 2a02:26f0:3500:584::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_semibold.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:584::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Thu, 16 Jun 2022 22:55:03 GMT
server: Apple
date: Fri, 23 Sep 2022 22:47:29 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a23-36-160-136.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=632
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 169880
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 22:58:01 GMT

GET
H2 200 sf-pro-text_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v1/ 152 KB
153 KB 221ms
111ms Font
font/woff2 2a02:26f0:3500:584::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_regular.woff2

Requested by

Host: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:584::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: data: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Origin: https://apple.news
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Thu, 16 Jun 2022 22:55:03 GMT
server: Apple
date: Fri, 23 Sep 2022 22:47:29 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a23-36-160-136.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=3341
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-length: 155504
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 23:43:10 GMT

GET
H2 200 Primary Request article265792376.html Show response
www.newsobserver.com/news/local/ 112 KB
23 KB 1240ms
1068ms Document
text/html 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/news/local/article265792376.html
Requested by: Host: apple.news
URL: https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 93ef77e02fd437e966b31913ffd474d27dd040ab300cc91919f54c83d85b34ed

Request headers

Referer: https://apple.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 22406
content-type: text/html;charset=utf-8
date: Fri, 23 Sep 2022 22:47:31 GMT
etag: W/"1be51-b16jhkC2xB7DDJBhiaNve8yu2sQ"
expires: Fri, 23 Sep 2022 22:47:31 GMT
mi-api: WPS
mi-cache: HIT
mi-cache-age: 791
pragma: no-cache
server: MI
surrogate-control: varnish=ESI/2.1
vary: Accept-Encoding
x-akamai-transformed: 9 114197 0 pmb=mTOE,2
x-meter: s
x-mi-in-market: 0
x-proxy-forwarding-type: WhiteList
x-varnish: 589387767, 978883370 961883380

GET
H2 200 newsobservercore.js Show response
www.newsobserver.com/onsozyb-li/ 213 KB
63 KB 55ms
51ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 259d08d606ef0556bb9d8f4d7a8363b29d3f3d2196bab48d9fa6141ea378d3d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 45
content-length: 63907
last-modified: Thu, 22 Sep 2022 16:00:44 GMT
server: MI
etag: W/"3525d-5e94629ee0300"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 726489096 740005462
access-control-allow-origin: *
cache-control: max-age=29
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 vendor.bundle-e8bf89b42a8198ff411c.js Show response
www.newsobserver.com/wps/build/webpack/ 99 KB
34 KB 126ms
122ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-e8bf89b42a8198ff411c.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 148431
content-length: 34371
last-modified: Thu, 08 Sep 2022 21:20:42 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"18ca4-1831ef9f810"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 528266552, 354481225 312527260
access-control-allow-origin: *
cache-control: max-age=155175
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-f1cf6d91883037775ac3.js Show response
www.newsobserver.com/wps/build/webpack/ 9 KB
4 KB 126ms
122ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-header.bundle-f1cf6d91883037775ac3.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 13bdd60367cdfb1dabfa95acdca27b9317b84704608f95a83a4635d94c429eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 22415
content-length: 3275
last-modified: Tue, 20 Sep 2022 14:59:14 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"25a6-1835b6909d0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 626532350, 867710820 832256641
access-control-allow-origin: *
cache-control: max-age=559360
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 134ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0107a6693b6ccde2883d4ad8f80a8a19a8278c5deb30f75f7dcd10292258e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 22:47:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 22:47:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 22:47:31 GMT

GET
H2 200 mi-styles.71794683c20a6d02214f.css
www.newsobserver.com/wps/build/webpack/css/ 207 KB
45 KB 113ms
110ms Stylesheet
text/css 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.71794683c20a6d02214f.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 476bebd9e2c354e15fe184b3141be29368747d02a62d27c3f5207acaf0fd1ae0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 160
content-length: 45253
last-modified: Thu, 08 Sep 2022 21:21:00 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"33cff-1831efa3e60"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 341813772, 318476218 306820181
access-control-allow-origin: *
cache-control: max-age=239588
access-control-allow-credentials: false
mi-cache: HIT
content-type: text/css;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 guid.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 1 KB
965 B 125ms
122ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/guid.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 24740
content-length: 547
last-modified: Thu, 08 Sep 2022 21:17:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"505-1831ef6fa70"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 523219332, 84973294 67928100
access-control-allow-origin: *
cache-control: max-age=188982
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 118ms
38ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76f6a676250edeec130b5fb1470e9094934d1c93db7cb09c3065dba53990f88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xPz0Jar6+tTFlg9FA6f6QQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: VMe5ObY/DSPPST4aZ0TwX6r10Pi6Gu+3W0V0vnBWDPxvrJq+p6VbTtCPD26gV6brqXhoTyNFUMlUJsMTOk6mEg==
x-fb-trip-id: 917726464
x-fb-content-md5: 7999afd41c844bc7393996b4ee070d6d
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 22:47:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "57fba42538c98498387017d9d8d4ec70"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 23 Sep 2022 23:01:32 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 200ms
74ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7d67f38229c8dac8429af4c162d42073e4abd4337a86ec54a18d3ad7e010b2a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 22:47:31 GMT

GET
H2 200 2a66218b Show response
www.newsobserver.com/akam/13/ 26 KB
9 KB 62ms
60ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/13/2a66218b
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e90e1c97d0b18a8e4f6bc41e09e7be70a8b1cbc6761fac9d4a4595ffd8145944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:13:28 GMT
etag: "614329a801bd6b07a5551ca3feb020d01bc48c5491b1eca9ae250e79987ed1ae"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 8764
expires: Fri, 23 Sep 2022 22:47:31 GMT

GET
H2 200 mastheadPage.bundle-221dc7a48ee40a004b1f.js Show response
www.newsobserver.com/wps/build/webpack/ 131 KB
44 KB 125ms
122ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mastheadPage.bundle-221dc7a48ee40a004b1f.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c3d6b7f5fa1571ddb84301131280475cfa149e7c91e7c133f50c3845799bddb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 195
content-length: 44152
last-modified: Thu, 08 Sep 2022 21:20:45 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"20d0b-1831efa03c8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 342923101, 1070849115 1067015954
access-control-allow-origin: *
cache-control: max-age=240285
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 / Show response
trinitymedia.ai/player/trinity/2900000552/ 7 KB
3 KB 461ms
147ms Script
application/javascript 3.213.88.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity/2900000552/?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.88.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-88-240.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 67d2d4a5546832ee5779868efd54f1f98ae40acc68d91a1340db67860e7feba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store
content-length: 2493

GET
H2 200 mi-footer.bundle-9e59a31b822d120051b7.js Show response
www.newsobserver.com/wps/build/webpack/ 8 KB
3 KB 128ms
125ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-9e59a31b822d120051b7.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 764df958623e81ae49b597536c4f788d01b6d7d5b6fa5933868a4fd691e379df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 47255
content-length: 2925
last-modified: Thu, 08 Sep 2022 21:20:42 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"2137-1831ef9f810"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 509274921, 341648053 313989285
access-control-allow-origin: *
cache-control: max-age=480358
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 vue.bundle-eeca3ceab7d82993245e.js Show response
www.newsobserver.com/wps/build/webpack/ 107 KB
38 KB 134ms
131ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/vue.bundle-eeca3ceab7d82993245e.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bccdaeff95efbd6865f096373aed67124dbb2546b36310525ecc973f87590907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 292729
content-length: 38877
last-modified: Thu, 08 Sep 2022 21:21:22 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"1ad49-1831efa9450"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 306342843, 358100426 1069251425
access-control-allow-origin: *
cache-control: max-age=583726
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 videojs.bundle-224da68dbb9f131835ea.js Show response
www.newsobserver.com/wps/build/webpack/ 575 KB
152 KB 136ms
134ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/videojs.bundle-224da68dbb9f131835ea.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8dc09a3a94b83a88c6010dbb5dee0fd14feceda2f8a8cf1642bd11aba151f990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 132
content-length: 154949
last-modified: Thu, 08 Sep 2022 21:21:22 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"8fd16-1831efa9450"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 310152836, 315301398 315662212
access-control-allow-origin: *
cache-control: max-age=238473
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 videoStory.bundle-c4c80ed7dc0bfec2439e.js Show response
www.newsobserver.com/wps/build/webpack/ 177 KB
54 KB 139ms
137ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-c4c80ed7dc0bfec2439e.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d802ce053a4f5c9d6459f819c842094a1dd40c7741b9e89499adcf7b5bfe55b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 98
content-length: 54293
last-modified: Thu, 08 Sep 2022 21:21:22 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"2c369-1831efa9450"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 307091144, 1070094676 3551987
access-control-allow-origin: *
cache-control: max-age=238454
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 galleryStoryPage.bundle-a3f90af262303f33cc41.js Show response
www.newsobserver.com/wps/build/webpack/ 22 KB
7 KB 144ms
142ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/galleryStoryPage.bundle-a3f90af262303f33cc41.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8622e952a1692b913a7b4205563a0090479a008472611cb1000bf67272bb490b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 292729
content-length: 6800
last-modified: Thu, 08 Sep 2022 21:21:22 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"5670-1831efa9450"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 309597116, 258834751 1036508176
access-control-allow-origin: *
cache-control: max-age=237939
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 footer.bundle-1f06f5f8ac3bfe589066.js Show response
www.newsobserver.com/wps/build/webpack/ 10 KB
3 KB 146ms
144ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/footer.bundle-1f06f5f8ac3bfe589066.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 99160
content-length: 2570
last-modified: Thu, 08 Sep 2022 21:20:42 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"284c-1831ef9f810"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 483933752, 278950234 248840552
access-control-allow-origin: *
cache-control: max-age=473201
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
BLOB 200
OK 3c28379e-19ba-430a-a557-ef1ac8d571d1 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/3c28379e-19ba-430a-a557-ef1ac8d571d1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a027fcaf113da886af6e2d47ff998187a62a89a76ef0b44ddc14b33236db6e9a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK e812c03f-95b8-45dc-85d5-4ed8b856a5a5 Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/e812c03f-95b8-45dc-85d5-4ed8b856a5a5
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2be366cbbe6eafde9ce18172b6d97fc57dca71a3040bff1f3160f2e1ed557ffb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

POST
H2 200 acquire Show response
adobedc.demdex.net/ee/v1/identity/ 3 KB
2 KB 195ms
75ms Fetch
application/json 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/identity/acquire?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=b398ea99-7b1f-48ed-8fa9-1fdaa2905691

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

f967dce6da34a6b1fb10b95b8fe8b9d5d328e53c01caa49055cb1a290311acde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 22:47:30 GMT
content-encoding: deflate
x-content-type-options: nosniff
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: b398ea99-7b1f-48ed-8fa9-1fdaa2905691
server: jag
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.9.37:fc1cc715

GET
H2 200 v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk Show response
flowerstreatment.com/ 92 KB
28 KB 331ms
190ms Script
text/javascript 2600:1901:0:7e2f::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://flowerstreatment.com/v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7e2f::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

b8719dc738709e53b4ea7ef71a324cd8512d5e9bc2eeafb0b71ea41ae9e35a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "52fbacbbb08f5f69932f86617fe22e3837c0881b65d6295a7de344ab22098254"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-7ghk
content-type: text/javascript; charset=utf-8
via: 1.1 google
cache-control: private, must-revalidate, max-age=21600
date: Fri, 23 Sep 2022 22:47:31 GMT
x-buildnumber: 632800667
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 detail.3f7ba89fd9aa666b0b1c.js Show response
www.newsobserver.com/onsozyb-li/ 4 KB
2 KB 57ms
55ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/onsozyb-li/detail.3f7ba89fd9aa666b0b1c.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/3c28379e-19ba-430a-a557-ef1ac8d571d1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 50a146ed6d98f99dcfdf3feb1d687194939a89106d9caf83145e511bed18ee29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 779
content-length: 1331
last-modified: Thu, 22 Sep 2022 16:00:41 GMT
server: MI
etag: W/"f8f-5e94629c03c40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 739673666 732533734
access-control-allow-origin: *
cache-control: max-age=495271
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 netdale.f4e229e203ded8028a5e.js Show response
www.newsobserver.com/onsozyb-li/ 80 KB
22 KB 62ms
61ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/onsozyb-li/netdale.f4e229e203ded8028a5e.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/e812c03f-95b8-45dc-85d5-4ed8b856a5a5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: cff6056084b7aaafc0fb38f90298fb4d5fbc4790061e158f8300d9b995eff518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 168
content-length: 22230
last-modified: Thu, 22 Sep 2022 16:00:41 GMT
server: MI
etag: W/"14008-5e94629c03c40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 745868670, 640589413 637347275
access-control-allow-origin: *
cache-control: max-age=494488
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 identityModulev3.min.js Show response
www.newsobserver.com/wps/source/scripts/libs/ 35 KB
11 KB 53ms
50ms XHR
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/scripts/libs/identityModulev3.min.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 330434
content-length: 11142
last-modified: Thu, 08 Sep 2022 21:17:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"8dbb-1831ef6fa70"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 530153917, 460856803 325353835
access-control-allow-origin: *
cache-control: max-age=337204
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript;charset=UTF-8
access-control-allow-headers: *

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
13 KB 162ms
77ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:52:35 GMT
x-content-type-options: nosniff
age: 352496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 20:52:35 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 178ms
97ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 17:21:07 GMT
x-content-type-options: nosniff
age: 365184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 17:21:07 GMT

GET
H2 200 logo.svg
www.newsobserver.com/wps/build/images/newsobserver/ 4 KB
2 KB 56ms
56ms Image
image/svg+xml 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/build/images/newsobserver/logo.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3081cd5942a29f59f16b662f9487cdb95dc4473722804097a0d697bd72fb1693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 101365
content-length: 1605
last-modified: Tue, 20 Sep 2022 14:59:15 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"10fe-1835b690db8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 566312542, 743481666 625656895
access-control-allow-origin: *
cache-control: max-age=594348
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 logo-tab.svg
www.heraldsun.com/wps/build/images/heraldsun/ 7 KB
4 KB 253ms
50ms Image
image/svg+xml 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/wps/build/images/heraldsun/logo-tab.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8b4bf46a7ee17fa868ac3a6ed47a74783271577c926748bcdbe6327921fca200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 325695
content-length: 3240
last-modified: Thu, 08 Sep 2022 21:20:42 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"1c45-1831ef9f810"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 317818546, 279426619 1069323914
access-control-allow-origin: *
cache-control: max-age=74201
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 wxicons-blk-1.svg
www.newsobserver.com/wps/source/images/widgets/weather/wxicons-blk/ 1 KB
788 B 51ms
50ms Image
image/svg+xml 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/source/images/widgets/weather/wxicons-blk/wxicons-blk-1.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aa3345ec043f528c91a23a7dd57d53162321028618998eacc882214fada763d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 283276
content-length: 368
last-modified: Thu, 08 Sep 2022 21:17:26 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"411-1831ef6fa70"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 335265866, 371237537 17767359
access-control-allow-origin: *
cache-control: max-age=564425
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 99ms
86ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:23:03 GMT
x-content-type-options: nosniff
age: 177868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 21:23:03 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v21/ 27 KB
27 KB 51ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:20:47 GMT
x-content-type-options: nosniff
age: 347204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27456
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:10:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 22:20:47 GMT

GET
H2 200 fontawesome-webfont.woff2
www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/ 55 KB
56 KB 433ms
432ms Font
font/woff2 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.71794683c20a6d02214f.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Referer: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.71794683c20a6d02214f.css
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 67
content-length: 56780
last-modified: Tue, 20 Sep 2022 14:55:43 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: W/"ddcc-1835b65d198"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 565177619, 810487227 802038845
access-control-allow-origin: *
cache-control: max-age=180
access-control-allow-credentials: false
mi-cache: HIT
content-type: font/woff2;charset=ISO-8859-1
access-control-allow-headers: *

GET
H2 200 Camron1.png
www.newsobserver.com/latest-news/weexnz/picture265792031/alternates/LANDSCAPE_1140/ 1 MB
1 MB 436ms
436ms Image
image/png 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/weexnz/picture265792031/alternates/LANDSCAPE_1140/Camron1.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2dd858caa2ce558214589f74f1a1e62051ef22eabe1665a905f5c099bfab0e00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 272271
content-length: 1491295
last-modified: Thu, 15 Sep 2022 15:58:48 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "1eb6080d42848f33974d8d500e94d744"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 270411030, 963522296 525015726
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/png
access-control-allow-headers: *

GET
BLOB 200
OK 8cc560b5-a2de-4d27-b617-c99b54f019f6 Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/8cc560b5-a2de-4d27-b617-c99b54f019f6
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0705237fcc2d88e9517df8381c0c06f8ac153e414150661b32192ba17ef4812c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 main.js Show response
mcclatchy-newsobserver.zeustechnology.com/ 234 KB
53 KB 164ms
45ms Script
application/javascript 52.222.236.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-newsobserver.zeustechnology.com/main.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/8cc560b5-a2de-4d27-b617-c99b54f019f6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdf57c2d9d28c3696859df849dd089011b77dfff2bfdb86087441c5f64020d6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: A04duHnlppHZZcqyhJvzI.VyM0NwXglG
content-encoding: br
last-modified: Wed, 15 Jun 2022 19:54:28 GMT
server: AmazonS3
age: 3386
etag: W/"0e05ef10e2bddd43213b3f275cc83230"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Fri, 23 Sep 2022 21:52:07 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: N9qFdy7-bOKyi-yK0tG9mym9575H9WmA-YoVrIWNUhGBwLwK_KGbsA==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 313 KB
85 KB 79ms
38ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4fce8475e0db7f7083f718611f847ef2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f739348085fcea8409d3f4405c68d59062bc180de802cc7b3fdbf6f3f0a9a4fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newsobserver.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: KsaU4pZcmJUEwJWMxmsLRw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87334
x-fb-rlafr: 0
x-fb-debug: zCm/MtFyqCQFo5JNqHm23BNdut0V+t9pDQTwrBNdHcyYdlge797vZUEZtKVyc9rQrIjyHkr4lYqEWnBpPJ8dhQ==
x-fb-content-md5: 16a1e421ff4f24f37a3e962792208af1
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 22:47:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c72c54fd4d648c9bdae70fb53a78c584"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 23 Sep 2023 22:38:12 GMT

GET
BLOB 200
OK 0b3d584f-1822-4435-aaac-f6a5fdb0e459 Show response
https://www.newsobserver.com/ 234 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/0b3d584f-1822-4435-aaac-f6a5fdb0e459
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efe3fd5efc826195f921af10f830408f1752f7ee1a357da1ebd4e79ea313c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 234
Content-Type: [object object]

GET
BLOB 200
OK 9399972d-7623-4cec-889a-bb37fb2742ee Show response
https://www.newsobserver.com/ 311 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/9399972d-7623-4cec-889a-bb37fb2742ee
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4ccc2fec1635866e832caed37784a724460917c2e147e66368ad162575fa9d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 311
Content-Type: [object object]

GET
BLOB 200
OK d7fd8915-0ab2-4ffc-88a4-16a3ed646eb7 Show response
https://www.newsobserver.com/ 362 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/d7fd8915-0ab2-4ffc-88a4-16a3ed646eb7
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d89fcffc0f013b852144e04aa7a737bb546d07b34e548d8a4921ab04df726082

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 362
Content-Type: [object object]

GET
BLOB 200
OK 9984698b-a3d5-4f7f-8716-7bded43822a9 Show response
https://www.newsobserver.com/ 323 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/9984698b-a3d5-4f7f-8716-7bded43822a9
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949b0b9bf6768359f6f85d4b5c112de352e47a7f476f0f47c1574a1e26f3f8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 323
Content-Type: [object object]

GET
BLOB 200
OK 9d892810-95c1-41da-a485-a023fb867fd8 Show response
https://www.newsobserver.com/ 313 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/9d892810-95c1-41da-a485-a023fb867fd8
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 830cac2a8908afc16e114cd8393040e1cf11977a968af0c0dd052d592868ea16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 313
Content-Type: [object object]

GET
BLOB 200
OK f18846c1-05f7-4342-acf3-2de420628737 Show response
https://www.newsobserver.com/ 290 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/f18846c1-05f7-4342-acf3-2de420628737
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60c67b61c036e739d02f7ede3743012003c6bf06788c9fba601b65983c0a0ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 290
Content-Type: [object object]

GET
BLOB 200
OK 0632be5f-46a2-44e4-bbe6-2fc8ac4af147 Show response
https://www.newsobserver.com/ 299 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/0632be5f-46a2-44e4-bbe6-2fc8ac4af147
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a6a1024807e3504d93d0fc26e07281450105e97e36169a178243b9856dad356

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 299
Content-Type: [object object]

GET
BLOB 200
OK 5a747ded-3cd9-4562-9853-f5bf99cd944e Show response
https://www.newsobserver.com/ 359 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/5a747ded-3cd9-4562-9853-f5bf99cd944e
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 650587719d00d216eff81b7a8feade391863ace124e282d62018b1df5fd75f92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 359
Content-Type: [object object]

GET
BLOB 200
OK 518ef502-4921-4c89-b7b5-2ca47716a768 Show response
https://www.newsobserver.com/ 313 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/518ef502-4921-4c89-b7b5-2ca47716a768
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becd124e0894570d928778df3677413aa7c44cb86e63e4592ccb117d3f2a5b21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 313
Content-Type: [object object]

GET
BLOB 200
OK 40f6ee47-5ee3-42ed-9976-1fa44f97f5b8 Show response
https://www.newsobserver.com/ 325 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/40f6ee47-5ee3-42ed-9976-1fa44f97f5b8
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 359ca6d9de759ae6cc10299b0952d454830da1b9f1109146dc4626685b898258

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 325
Content-Type: [object object]

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 2 KB
1 KB 220ms
103ms Fetch
application/json 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=34dd2c9f-b736-4843-bbc7-b9677de41a43

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

24ace0f221ba7849b0052ff1d3a77be24abfbe65f3ab532b852c295758ee872f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: deflate
x-content-type-options: nosniff
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 34dd2c9f-b736-4843-bbc7-b9677de41a43
server: jag
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.9.37:fc1cc715

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yy43gwAAAIksUANx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=45336054618440511212270410555952944623
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy43gwAAAIksUANx

42 B
942 B

228ms
57ms

Image
image/gif

52.30.247.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy43gwAAAIksUANx

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html

Protocol

HTTP/1.1

Server

52.30.247.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-247-235.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v042-0f4e36f9e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5tWuRiFoTw8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy43gwAAAIksUANx
Date: Fri, 23 Sep 2022 22:47:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEPPotRcdkF6T-tcfoGDF9VU&google_cver=1
dpm.demdex.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDUzMzYwNTQ2MTg0NDA1MTEyMTIyNzA0MTA1NTU5NTI5NDQ2MjM=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDUzMzYwNTQ2MTg0NDA1MTEyMTIyNzA0MTA1NTU5NTI5NDQ2MjM=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPPotRcdkF6T-tcfoGDF9VU&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

88ms
56ms

Image
image/gif

52.30.247.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPPotRcdkF6T-tcfoGDF9VU&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html

Protocol

HTTP/1.1

Server

52.30.247.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-247-235.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v042-0897a31f8.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fK4HWW8LQsA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPPotRcdkF6T-tcfoGDF9VU&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ 0
177 B 124ms
36ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663973252.605204,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4060-HHN

GET
H2 503 btu4jd3a
sync-tm.everesttech.net/upi/pid/ 0
59 B 125ms
38ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663973252.605528,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4060-HHN

GET
H2 503 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ 0
59 B 125ms
37ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663973252.605489,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4060-HHN

GET
H2 503 UH6TUt9n
sync-tm.everesttech.net/upi/pid/ 0
59 B 125ms
38ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663973252.605481,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4060-HHN

GET
H2 503 ny75r2x0
sync-tm.everesttech.net/upi/pid/ 0
60 B 124ms
37ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663973252.605460,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4060-HHN

GET
H2 503 b9pj45k4
sync-tm.everesttech.net/upi/pid/ 0
59 B 125ms
39ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663973252.605458,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4060-HHN

GET
H2 503 h0r58thg
sync-tm.everesttech.net/upi/pid/ 0
59 B 38ms
37ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663973252.646240,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4060-HHN

GET
H2 503 r7ifn0SL
sync-tm.everesttech.net/upi/pid/ 0
59 B 38ms
37ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663973252.646321,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4060-HHN

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ 391 KB
157 KB 177ms
52ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 21:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 21:43:41 GMT

GET
H2 200 trinity-injector-script.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207/ 638 KB
92 KB 373ms
59ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207/trinity-injector-script.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900000552/?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 766ffb6b4aa381947d1e9f729c4f749c20055b396a5d59610bf9b9a08c615680

Request headers

Referer: https://www.newsobserver.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 08:26:39 GMT
server: AmazonS3
x-amz-request-id: F2FTHT5H8AE431XV
etag: "b22523cd9c99e7c8b8da6a33aee674b2"
x-hw: 1663973251.dop220.fr8.t,1663973251.cds216.fr8.hn,1663973251.cds003.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 93730
x-amz-id-2: PoWYcFFmAvIZjLw9vS1P290tIbFlZkW6KfvDPzdRns2aJBQTOKDpHWiwfJzLGne/TrG6eBjubIw=

GET
H2 200 Camron2.png
www.newsobserver.com/latest-news/gyo840/picture265792146/alternates/FREE_1140/ 1 MB
0 431ms
430ms Image
image/png 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/gyo840/picture265792146/alternates/FREE_1140/Camron2.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 289251
content-length: 2679747
last-modified: Thu, 15 Sep 2022 10:44:28 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "e3a271ea5d9c6d80e2ad8cc22880e620"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 393579781, 911314447 453641374
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/png
access-control-allow-headers: *

GET
H2 200 Camron3.png
www.newsobserver.com/latest-news/82blze/picture265792096/alternates/FREE_1140/ 1 MB
0 470ms
469ms Image
image/png 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/82blze/picture265792096/alternates/FREE_1140/Camron3.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 272271
content-length: 2498291
last-modified: Thu, 15 Sep 2022 10:45:40 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "fdcdb7cfaa2c60d09e650c17b9d1744e"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 400333892, 915276317 459193894
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/png
access-control-allow-headers: *

GET
H2 200 Camron1.png
www.newsobserver.com/latest-news/weexnz/picture265792031/alternates/FREE_1140/ 3 MB
3 MB 61ms
60ms Image
image/png 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/weexnz/picture265792031/alternates/FREE_1140/Camron1.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4537bdc6968656bd84afaf5420475fedafc5195b99c5ef392ad21474a4827652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 26390
content-length: 2765880
last-modified: Thu, 15 Sep 2022 15:58:48 GMT
server: MI
x-proxy-forwarding-type: BlackList
etag: "38b35b2366a176f287731f592ac84d46"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 396397040 370530469
access-control-allow-origin: *
cache-control: max-age=322519
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/png
access-control-allow-headers: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 378 KB
127 KB 232ms
94ms Script
text/javascript 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/videoStory.bundle-c4c80ed7dc0bfec2439e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128888
x-xss-protection: 0
expires: Fri, 23 Sep 2022 22:47:31 GMT

OPTIONS
H2 200 decision-engine
mcclatchy-newsobserver.cdn.zephr.com/zephr/ Frame 0
0 462ms
349ms Preflight 13.32.110.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-newsobserver.cdn.zephr.com/zephr/decision-engine
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-81.vie50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin: https://www.newsobserver.com
content-length: 0
date: Fri, 23 Sep 2022 22:47:32 GMT
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-amz-cf-id: gSRqTTj-U-J6qcB_CtsKugaMj_ZJCjvXpGUL8a90b_WEWhD3HEQ49A==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK bb18cb3c-3a15-42ec-b15c-65261d84391b Show response
https://www.newsobserver.com/ 356 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/bb18cb3c-3a15-42ec-b15c-65261d84391b
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9da2db0677b38166684e97c1883902f80cc695c426b880e98e2096bd72f34e11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 356
Content-Type: [object object]

GET
BLOB 200
OK f08183ae-8105-4300-b635-a0d2614575b0 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/f08183ae-8105-4300-b635-a0d2614575b0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 246cf13f66e7dd32630ae9bcca1441ae23c839570a33864a52ed9cdebaa5ce49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 44a7337b-1fd6-49b1-817f-2c1fbef3df7c Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/44a7337b-1fd6-49b1-817f-2c1fbef3df7c
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef0b4cf4403a153b17a47cd3a16f02434188f6511cc524b13fbf7f4ff5f019c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK ec07845a-835e-4bff-95a6-6e673c142c51 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/ec07845a-835e-4bff-95a6-6e673c142c51
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d5188d2b3f0193d1567da184d6560bafb019d979f10442317036986909abdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK b824272a-28ba-4064-be7b-a031862bbaff Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/b824272a-28ba-4064-be7b-a031862bbaff
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e56ff0fa78653cec32ba2c667b271ef6b879bcdd63e6662d22bc3f467f421d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 9e8bbba7-52b3-42b6-a0e8-a6e1edec8f3e Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/9e8bbba7-52b3-42b6-a0e8-a6e1edec8f3e
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7a72176dc0acd18ad5fdb66f6eac24b0e08775139ec956a3af0d17cfa41afc5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

POST
H2 200 decision-engine Show response
mcclatchy-newsobserver.cdn.zephr.com/zephr/ 131 B
988 B 357ms
357ms XHR
application/json 13.32.110.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-newsobserver.cdn.zephr.com/zephr/decision-engine
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-81.vie50.r.cloudfront.net
Software: /
Resource Hash: 2c8e9c17c51ac13646a59b8c82f28ddbc7567ae6c99a102904383d8fb3408c13

Request headers

Accept: application/json
Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Sep 2022 22:47:32 GMT
via: 1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
content-length: 131
x-amz-cf-id: Ta9VgpZMJ5kY_4X1xJLVwUTkf99_CXdee7PiK1MYNqi4ZPTg3Boomg==
x-blaize-request: 38539828

GET
BLOB 200
OK de89713f-ac50-4436-8ef9-a3ea156d14f0 Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/de89713f-ac50-4436-8ef9-a3ea156d14f0
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 574874d061c15358052033125865555efb49d99654105b3a5bf3c72fb480db65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK c60d51fb-e86c-4bf4-a560-1b4142a4a129 Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/c60d51fb-e86c-4bf4-a560-1b4142a4a129
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b30cf05c73b1002b847793a8bff40a1e3c6f1d0bccb9300b9707a71729ef9da4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK f59c47b6-0cf6-4398-b361-2d43dfbbf695 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/f59c47b6-0cf6-4398-b361-2d43dfbbf695
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfebed284b96af00c82472111ad9c994c0b9a2a905596a5ffd691cc7ac19cd8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 79f5253e-e05e-42c4-b0ff-c815b4df380a Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/79f5253e-e05e-42c4-b0ff-c815b4df380a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58931b7c398b1b35c94d3a2e83c8bd3accfb434c1b58dd1013f2edfd02cbff2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 5353cb96-ebe1-4f22-8f67-5c4cdc14a0d8 Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/5353cb96-ebe1-4f22-8f67-5c4cdc14a0d8
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a67784d24d5a1cc8d95d7038b3405623fbd809823bf509b368b8fff4b7cff361

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/184615/ Frame 0AE8
Redirect Chain

https://cd.connatix.com/connatix.playspace.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
https://cds.connatix.com/p/184615/connatix.playspace.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a

998 KB
228 KB

69ms
36ms

Script
application/javascript

151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/184615/connatix.playspace.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a8a4fbaedc1e8bd1900ffa0bfb545581dddeea8e5153f33f17c5104e7da506e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 15:19:59 GMT
age: 26624
etag: "a15e15bb177b024a8c927a48537fff59"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 232839

Redirect headers

location: https://cds.connatix.com/p/184615/connatix.playspace.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
date: Fri, 23 Sep 2022 22:47:31 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 si
capi.connatix.com/tr/ 0
116 B 259ms
150ms Image
application/json 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=a2369385-8156-497e-aa49-9d945b5e71b8&cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400
content-type: application/json

GET
H2 200 pdp.gif
www.newsobserver.com/onsozyb-li/ 42 B
385 B 440ms
438ms Image
image/gif 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/onsozyb-li/pdp.gif?z=eyJpZCI6Im1pX2FzX25hb180NDgyMjgzODAyMzQxNzgyMjc4MjI1OTg5MzQ3NTA3NzE2OTc1Ml8xXzBfMTY2Mzk3MzI1MTQ5OSIsIndpZGdldHMiOnsicmVsYXRlZF9zdG9yaWVzIjoxfX0=
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:32 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 204320
content-length: 42
last-modified: Wed, 21 Sep 2022 13:40:25 GMT
server: MI
etag: "2a-5e9301646e440"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 758070758 521373489
access-control-allow-origin: *
cache-control: max-age=604788
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 161ms
37ms Script
application/javascript 199.232.198.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/f08183ae-8105-4300-b635-a0d2614575b0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
age: 75129
x-guploader-uploadid: ADPycdsW5P_8RMJOa76UmUt4xD5euCqfwN1bl-6Qp9eM39N7hRaK55xc06GmcRkIReGPqj-kbR2I-6EH9h1yN1SnhTgkSr_e-m91
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6181
x-served-by: cache-hhn4041-HHN
last-modified: Thu, 17 Mar 2022 20:05:53 GMT
server: UploadServer
x-timer: S1663973252.817713,VS0,VE0
etag: "1e95949e7c12b7ee6c5f4dd56d15b476"
vary: Origin
x-goog-hash: crc32c=S/xPEw==, md5=HpWUnnwSt+5sX03VbRW0dg==
x-goog-generation: 1647547553107114
via: 1.1 varnish
expires: Wed, 21 Sep 2022 01:55:20 GMT
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6181
accept-ranges: bytes
content-type: application/javascript
x-scrolljs: 3
x-cache-hits: 17844

GET
H2 200 performance.30ecdb8581c4299904dd.js Show response
www.newsobserver.com/onsozyb-li/ 8 KB
3 KB 56ms
55ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/onsozyb-li/performance.30ecdb8581c4299904dd.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/44a7337b-1fd6-49b1-817f-2c1fbef3df7c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 05b2ab589acf28f07d1464cc232e583af8da87f19882a3e9f170d4404b5c0e5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 167
content-length: 2640
last-modified: Thu, 22 Sep 2022 16:00:41 GMT
server: MI
etag: W/"1e9c-5e94629c03c40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 637508622, 748519706 739580656
access-control-allow-origin: *
cache-control: max-age=494533
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 quarantine.020bd25c914c7538f9c0.js Show response
www.newsobserver.com/onsozyb-li/ 25 KB
10 KB 59ms
57ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/onsozyb-li/quarantine.020bd25c914c7538f9c0.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/ec07845a-835e-4bff-95a6-6e673c142c51
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 81a2f536fd0fdf04b60dacd57c3d12a7c5a881d369f66d50157e5fca9b12a2e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 342
content-length: 9493
last-modified: Thu, 22 Sep 2022 16:00:41 GMT
server: MI
etag: W/"6516-5e94629c03c40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 606726261 635480393
access-control-allow-origin: *
cache-control: max-age=494751
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 geofeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
306 B 154ms
56ms Script
text/javascript 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed

Requested by

Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/b824272a-28ba-4064-be7b-a031862bbaff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d6aa0d1df9cfdddb4ba1c2e84627fbae84624b959ac448e02057a26df5c89ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 74f6d297baa09296-FRA
date: Fri, 23 Sep 2022 22:47:31 GMT
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 parsely.85c1f7489150d4fc570b.js Show response
www.newsobserver.com/onsozyb-li/ 1 KB
986 B 70ms
68ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/onsozyb-li/parsely.85c1f7489150d4fc570b.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/9e8bbba7-52b3-42b6-a0e8-a6e1edec8f3e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f8350cfbedd31687bc8c87eac0969704c740bdd986e7c28c5de915092a780830

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 375
content-length: 612
last-modified: Thu, 22 Sep 2022 16:00:41 GMT
server: MI
etag: W/"4b7-5e94629c03c40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 702533591 730304279
access-control-allow-origin: *
cache-control: max-age=494761
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
35 KB 151ms
43ms Script
application/x-javascript 143.204.215.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/de89713f-ac50-4436-8ef9-a3ea156d14f0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-40.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:05:48 GMT
content-encoding: br
age: 45704
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
etag: W/"148e21f812b555a13b2a9c6b616141f4"
vary: Accept-Encoding
x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: application/x-javascript
x-amz-cf-id: GPhxIIDla5xHjLxOd3D4HZbOpVQR2FBY86ylmZg7qoFGdsRIV-Ebkg==

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 100 KB
21 KB 146ms
42ms Script
application/javascript 2600:9000:206f:1200:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/c60d51fb-e86c-4bf4-a560-1b4142a4a129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1200:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 051bc401da542c03c1addebfe9b686e83a9c04f56250e41bf28dce0fd6b6edd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: E3hZ_pNNEOcfcR3dSaFIMfHUAbf2q0D6
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 22:06:42 GMT
server: AmazonS3
age: 79249
etag: W/"d1ea0fca3233bc6f8599239f96cc8050"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control: max-age=84600
date: Fri, 23 Sep 2022 00:46:44 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: rlJ4Pb47kpnVcmFJAt_3TixzGqjoO21AppQhB62iD3clZLdlO25c0Q==

GET
H2 200 article265792376.html.js Show response
dyv1bugovvq1g.cloudfront.net/11/www.newsobserver.com/news/local/ 1 KB
690 B 514ms
427ms Script
application/json 2600:9000:206f:c400:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.newsobserver.com/news/local/article265792376.html.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/f59c47b6-0cf6-4398-b361-2d43dfbbf695
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c400:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e2fcd81eb0776e0c05a01822b2a5aa2c3f2177018643ff1f77e0733aa36480b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:33 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 21:01:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "7326aac4e1eb5c935a3442f1454085db"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=300
accept-ranges: bytes
content-length: 319
x-amz-cf-id: yGEPDxQWGm_9VuD7eYtcIEZ3LVDj_9JXkGwRrJnr3fg3bHiSCD0goQ==

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 128 KB
29 KB 127ms
37ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/79f5253e-e05e-42c4-b0ff-c815b4df380a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e356e562d2fb8fd054e1fc66ae3ae4be09d008069c47beb2b0e9c1eb2e2705a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 22:47:31 GMT
Content-Encoding: gzip
Age: 104
X-Cache: HIT
Connection: keep-alive
Content-Length: 29565
x-amz-id-2: 96WfrPZ/cZklWn1YDZSHvBF+Mr5vd8fRXQdY5/1rEwfz6lw7H7c+Ys8E6TcfSPBWSNkZ9nF2z8w=
X-Served-By: cache-hhn4052-HHN
Last-Modified: Fri, 23 Sep 2022 22:02:14 GMT
Server: AmazonS3
X-Timer: S1663973252.939657,VS0,VE0
ETag: "53cd6ff7063b49dc31045d189f21947b"
x-amz-request-id: DFPP298RDMTJJ5XF
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 2

GET
H2 200 sponsored.63d711df470f05a784a3.js Show response
www.newsobserver.com/onsozyb-li/ 1 KB
865 B 69ms
68ms Script
application/javascript 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/onsozyb-li/sponsored.63d711df470f05a784a3.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/5353cb96-ebe1-4f22-8f67-5c4cdc14a0d8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 429dbf2802f79472c84f2a75fa7afffed7c4e7a0d8aa10478fcf817bf795c2ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: gzip
vary: Accept-Encoding
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 375
content-length: 483
last-modified: Thu, 22 Sep 2022 16:00:41 GMT
server: MI
etag: W/"431-5e94629c03c40"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 832246145, 708097525 704755813
access-control-allow-origin: *
cache-control: max-age=494738
access-control-allow-credentials: false
mi-cache: HIT
content-type: application/javascript
access-control-allow-headers: *

GET
H2 200 skeleton.js Show response
static.adsafeprotected.com/ 17 B
465 B 179ms
50ms Script
application/javascript 2600:9000:223f:c800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
age: 19039768
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 5g0YObdSCX6c4hxCVqcjRUrxs1w3yQsfXJiSOK-wAEnAmFvD_oyVhQ==

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 587 B
433 B 81ms
81ms Fetch
application/json 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=1ec523a0-fcc2-4930-aca2-405463ebaa73

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

03895dd098d8b8ea70cb4eeee4cb64e4deb6ad1b86e28a91ea37fe37f4c1c2b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 22:47:30 GMT
content-encoding: deflate
x-content-type-options: nosniff
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 1ec523a0-fcc2-4930-aca2-405463ebaa73
server: jag
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.9.37:fc1cc715

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 522 B
383 B 78ms
77ms Fetch
application/json 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=53fef1db-6b91-42fe-ad49-8f58a16b1bbe

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

94fd366fd589e5a99b9a07fbf1e4f71f56cfc0e687a9af3cf96f2034be1a89de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 22:47:31 GMT
content-encoding: deflate
x-content-type-options: nosniff
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 53fef1db-6b91-42fe-ad49-8f58a16b1bbe
server: jag
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 22.9.37:fc1cc715

GET
BLOB 200
OK 3b075fde-4de1-40f6-83f1-b5d406c44990 Show response
https://www.newsobserver.com/ 368 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/3b075fde-4de1-40f6-83f1-b5d406c44990
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d95d28a28e3c00533de70feafbfc9559c7c323f217680a69aa639f6123873fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 368
Content-Type: [object object]

GET
H2 200 pdp.gif
www.newsobserver.com/onsozyb-li/ 42 B
392 B 428ms
428ms Image
image/gif 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/onsozyb-li/pdp.gif?k=eyJpZCI6Im1pX2FzX25hb180NDgyMjgzODAyMzQxNzgyMjc4MjI1OTg5MzQ3NTA3NzE2OTc1Ml8xXzBfMTY2Mzk3MzI1MTQ5OSIsImRvbUludGVyYWN0aXZlIjoxNzg0LCJyZXF1ZXN0U3RhcnQiOjE3Mn0=
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/news/local/article265792376.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:32 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 204320
content-length: 42
last-modified: Wed, 21 Sep 2022 13:40:25 GMT
server: MI
etag: "2a-5e9301646e440"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
x-varnish: 521373488, 912035797 605945868
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
mi-cache: HIT
content-type: image/gif
access-control-allow-headers: *

GET
BLOB 200
OK 8cd249bd-f388-4b8c-bd69-29d915fd22f7 Show response
https://www.newsobserver.com/ Frame 0C65 327 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/8cd249bd-f388-4b8c-bd69-29d915fd22f7
Requested by: Host: apple.news
URL: https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5da5b819a648f050990e8263079f394127cdc137148128afdbc7978753644cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 327
Content-Type: text/javascript

GET
BLOB 200
OK a8fcca77-fd07-4903-9976-44add525b6cc Show response
https://www.newsobserver.com/ Frame D0F2 344 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/a8fcca77-fd07-4903-9976-44add525b6cc
Requested by: Host: apple.news
URL: https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2535815833746fe6683a50cac72e5025b099db7b21e6a5b3896e01973c91050

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 344
Content-Type: text/javascript

GET
BLOB 200
OK af38e6bb-6a05-42cc-ae82-50a43263c689 Show response
https://www.newsobserver.com/ Frame 8153 642 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/af38e6bb-6a05-42cc-ae82-50a43263c689
Requested by: Host: apple.news
URL: https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d52f67fe232e73a8cb967fa7876bc7e837f24670b70e06ef408afbb33e15b48e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 642
Content-Type: text/javascript

GET
BLOB 200
OK 6f24264d-5758-4217-aee5-0cec13728e91 Show response
https://www.newsobserver.com/ Frame FB53 433 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/6f24264d-5758-4217-aee5-0cec13728e91
Requested by: Host: apple.news
URL: https://apple.news/PwA9f0YPMD6d-kRQnoIDfYI?articleList=ATb0A_RitQeOqvXyztUNA1g
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4ae576ccd01e5da81892ccc8381b9b75621f1c981769e4df4165f3058a47623

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 433
Content-Type: text/javascript

GET
H2 200 i.js Show response
tag.wknd.ai/3581/ 85 KB
37 KB 120ms
38ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/3581/i.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/8cd249bd-f388-4b8c-bd69-29d915fd22f7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 0b8bc94e4167975932513bde76695ff6e4f001bf1dab8a4880f884192af8797f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:46:36 GMT
content-encoding: gzip
age: 55
x-envoy-upstream-service-time: 3
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37318
access-control-allow-origin: *
server: istio-envoy
etag: ab685bee0c0474
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
BLOB 200
OK 5c8f66f0-cfb1-4721-8bb2-e66333be963c Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/5c8f66f0-cfb1-4721-8bb2-e66333be963c
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8291cb64968b31193ea17b222eb4fa479469169b8bfbf549e732d0b9e05f49f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK c2a1c454-148c-4de8-bc89-f81db59e4b82 Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/c2a1c454-148c-4de8-bc89-f81db59e4b82
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/onsozyb-li/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e11f2191120d053c38a64fca3dc4b0e74877daf20e237238b6c4b0b411788658

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame D0F2 4 KB
2 KB 156ms
45ms Script
application/javascript 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/a8fcca77-fd07-4903-9976-44add525b6cc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:38:47 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 61726
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: mW2vpoKI5kRtZqZyjepH09BnRizqn7apw-OSqsHrEHg9d2xfOl6r0w==

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ Frame 8153 7 KB
3 KB 149ms
44ms Script
application/javascript 96.16.147.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/af38e6bb-6a05-42cc-ae82-50a43263c689
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.147.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-147-243.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
Server: AmazonS3
x-amz-request-id: R6X1Z4GZMHQJ34R0
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
Vary: Accept-Encoding
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 22:47:32 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2663
x-amz-id-2: jm8UZxXlNwBRe5MV76nXmfeJxyOsHxAxlRqx4Yx6Lk22skfaD1o6r2gLlsQkG8CibRTuc9Pz10M=

GET
H3

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/8/ Frame FB53
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930332/all/ml.js?cb=1605
https://js.matheranalytics.com/static/ltm/ma12095/all/8/ml.br.js

143 KB
42 KB

116ms
40ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/8/ml.br.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H3
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: b4e8ce318f935b3a426d31961c37589ee76626ff62b65e6be06764a3ca6862ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 00:36:27 GMT
via: 1.1 google
last-modified: Wed, 02 Mar 2022 19:26:52 GMT
server: nginx
age: 79865
etag: "014a97acdf06a1d13b98c864ad2adf46"
vary: Accept-Encoding
x-cache: HIT Wed, 02 Mar 2022 19:44:10 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42494

Redirect headers

date: Fri, 23 Sep 2022 22:47:32 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/8/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 7-gc-euw1-10929

GET
H2 200 p.js Show response
cdn.parsely.com/keys/newsobserver.com/ 66 KB
23 KB 148ms
51ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/newsobserver.com/p.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/5c8f66f0-cfb1-4721-8bb2-e66333be963c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2ff8dc4161b9a017745c29cdc9594fdff3e16b981f87664a6c3868bf4424ef3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Fri, 23 Sep 2022 03:29:20 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 18:59:58 GMT
server: nginx
age: 69492
etag: W/"620d49ae-1070c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: rDKQkWsoRfAxJBfi3UbTEMKMHx-PhzLPA3SyDMCc5riM3cMfae481g==
expires: Sat, 24 Sep 2022 03:29:20 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 479 KB
137 KB 286ms
60ms Script
application/x-javascript 184.51.9.197
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/c2a1c454-148c-4de8-bc89-f81db59e4b82
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.197 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-197.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9e877167f6f54a122bd114c9429ffdcac4704c20443c9a0aca0fa4b90a86aca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 22:47:32 GMT
Content-Encoding: gzip
x-amz-request-id: R084R8TMAJ5XTS9W
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 6aErGEpJyv3NlvzTrk/b+fGF9MOeNQ3JYxgW6vUsAwEw0HnFM6btS92pkjGDC6L/rk4DckT6P88=
Last-Modified: Mon, 19 Sep 2022 22:01:53 GMT
Server: AmazonS3
ETag: "304142478e3c49065ff794612c24a84b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
593 B 140ms
38ms Fetch
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 03:51:45 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront), 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
age: 68146
x-amzn-requestid: 03bbb42f-3df0-4e6d-a63f-a7c52c283035
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-632d2d51-3833a6c41258663f494653ee;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA60-P3
x-amz-apigw-id: Y5QEuGzHDoEFXbw=
content-length: 28
x-amz-cf-id: B5idqLByARWSw5e9eKKJsDXzyzXnLz7vOms6e2bLVzNu-waFqQ5slA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 526ms
133ms XHR
text/xml 3.236.169.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.236.169.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-236-169-39.compute-1.amazonaws.com
Software: /
Resource Hash: 4a545ca92f93cf77493a523b85f2155a1ac335202faec1faecc732790a015a11

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: e12a0ca2-dc1f-52b9-b573-570ae5db7066
Date: Fri, 23 Sep 2022 22:47:32 GMT
Content-Length: 378
Content-Type: text/xml

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/ 202 KB
65 KB 37ms
37ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 22:47:32 GMT
Content-Encoding: gzip
Age: 80411
X-Cache: HIT
Connection: keep-alive
Content-Length: 65932
x-amz-id-2: ngZ6pxjjczHY0u7YqE1bIxYw0LWZvYegA9szd02uJZFuzAIryNjj7UaegkzpKukqNXuC3nV8vcFuAa1eap3XTw==
X-Served-By: cache-hhn4052-HHN
Last-Modified: Tue, 06 Sep 2022 17:14:03 GMT
Server: AmazonS3
X-Timer: S1663973252.011007,VS0,VE0
ETag: "ff03fa033abd214ac10b94ea9d102f86"
x-amz-request-id: AYGP566NEH6T1319
Via: 1.1 varnish
Cache-Control: public, max-age=864000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 245276

GET
H3 200 css2
fonts.googleapis.com/ Frame 6F56 2 KB
465 B 127ms
47ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207/trinity-injector-script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a86202154ecfb9982c0120080d31c74c687082897186120bd4e3a2caabb42d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 22:09:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 22:47:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 22:47:32 GMT

GET
H2 200 trinity-player.php Show response
trinitymedia.ai/player/ Frame F980 14 KB
6 KB 187ms
186ms Document
text/html 3.213.88.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html&unitId=2900000552&userId=185ea88e-2a71-45d8-8190-2456bdf23e33&isLegacyBrowser=false&version=20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207&useCFCDN=0&themeId=315
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207/trinity-injector-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.88.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-88-240.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e0f5a4e9926f5d109f7f458444e19cc597d3ee993cf7d447dc5acc173d51634f

Request headers

Referer: https://www.newsobserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-length: 5530
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 22:47:32 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 main_aa957ce8751576e86fed4735719284d6.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 346 KB
69 KB 132ms
42ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_aa957ce8751576e86fed4735719284d6.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3581/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fe3a5fd44202fabb1ed0bae0562a07c92fd9e8678d4ff4a2b5852b1b933175f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 20:44:47 GMT
content-encoding: br
age: 7365
x-guploader-uploadid: ADPycdsPys9cW8eATWCc0GEMh6z8Mi19-renhX5DCoKdSXVU3DsIgjs8IDGT1C7dgFJMWZpBHK7xS90_XSmsXyGq0I-84TaOV74V
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69912
last-modified: Fri, 23 Sep 2022 20:44:35 GMT
server: UploadServer
etag: "698b1dda56132e8c58af5e3545a81fb4"
x-goog-hash: crc32c=1E1rVw==, md5=aYsd2lYTLoxYr141RagftA==
x-goog-generation: 1663965875509043
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 69912
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 23 Sep 2023 20:44:47 GMT

GET
H2 200 cjs_min_93e18f8d92a3704ae302522cde927999.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 46 KB
15 KB 171ms
81ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_93e18f8d92a3704ae302522cde927999.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3581/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f91a7a5baacde1a440359f91663eede5cff90eb02b6dbfc76792d83e5779667b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:50:29 GMT
content-encoding: gzip
age: 97023
x-guploader-uploadid: ADPycdsXaWw5YkQV-055IHSHnwoo5cmtH31asCyitTEmOlSqan3nJuHEuYmr124ieFkQCMKRZytpIUr6CgsZqthC3vA79Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14850
last-modified: Tue, 23 Aug 2022 19:50:06 GMT
server: UploadServer
etag: "158c4f91896e8d16c51d2221e14dc869"
x-goog-hash: crc32c=S5gI1w==, md5=FYxPkYlujRbFHSIh4U3IaQ==
x-goog-generation: 1661284206245542
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 14850
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 22 Sep 2023 19:50:29 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame D0F2 0
190 B 38ms
37ms Image
text/plain 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b3&cv=3.8.0.210223&ns__t=1663973252130&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html&c8=Black%20pastor%20robbery%20charges%20vacated%2C%20police%20withheld%20evidence%20%7C%20Raleigh%20News%20%26%20Observer&c9=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:32 GMT
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: aCuwUKed0bqMVLqvQwou02ENWs0NuWzfsMqWYcSNM2UYCWR06olizw==
x-cache: Miss from cloudfront

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ Frame 8153 0
137 B 66ms
37ms XHR
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=0376601438A26E89-78DD4EDADE0FF4C1&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=44822838023417822782259893475077169752&_les_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663973252.166021,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4060-HHN

GET
H2 200 hls.29b1ff4c2227d65c148f.js
cds.connatix.com/p/184615/ Frame 0AE8 0
47 KB 39ms
39ms Other
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/184615/hls.29b1ff4c2227d65c148f.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:32 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 15:19:59 GMT
age: 26628
etag: "e5fe8d4634de636d5a9d4be6c94dfe3d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48328

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/184615/ 106 KB
14 KB 45ms
45ms Stylesheet
text/css 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/184615/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e5cd3c768d9ba5bb2e0b97853890d4aefc85c84898721b993374d62d989b9ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:32 GMT
content-encoding: br
last-modified: Fri, 23 Sep 2022 15:19:59 GMT
age: 26629
etag: "5633b7e1fdc71bcd77ed89d392c37b85"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 14616

POST
H2 200 v2suezw0Exn_ZVJpibueRGO_-s1alSb0by6lFtNPy2zS7FXoT49Gu3qiad1X92lMN5IhrZ0Dp Show response
scissorsstatement.com/ 191 B
702 B 184ms
82ms Fetch
application/json 2600:1901:0:2de6::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/v2suezw0Exn_ZVJpibueRGO_-s1alSb0by6lFtNPy2zS7FXoT49Gu3qiad1X92lMN5IhrZ0Dp

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:2de6::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

b71f7e94b4a50521160f7f2bc15b11b13713b10b917594bff5d3ad1f32fd89eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 632800667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
x-datacenter: gce-europe-west1
date: Fri, 23 Sep 2022 22:47:32 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-spot-7ghk
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 23 Sep 2022 22:47:31 GMT

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ Frame 6F56 47 KB
47 KB 114ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 19:48:08 GMT
x-content-type-options: nosniff
age: 269964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47728
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 19:48:08 GMT

POST
H2 200 pixel_2a66218b Show response
www.newsobserver.com/akam/13/ 0
776 B 51ms
51ms XHR
text/html 104.96.161.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/13/pixel_2a66218b
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/akam/13/2a66218b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.161.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-161-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/news/local/article265792376.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:32 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Fri, 23 Sep 2022 22:47:32 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 253ms
55ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1663973252208&plid=55174563&idsite=newsobserver.com&url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html&urlref=https%3A%2F%2Fapple.news%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html&sref=https%3A%2F%2Fapple.news%2F&sts=1663973252205&slts=0&title=Black+pastor+robbery+charges+vacated%2C+police+withheld+evidence+%7C+Raleigh+News+%26+Observer&date=Fri+Sep+23+2022+22%3A47%3A32+GMT%2B0000+(GMT)&action=pageview&pvid=38471461&u=pid%3D1d7510425875569ba5a08212886a564d
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 22:47:32 GMT
Cache-Control: no-cache
Last-Modified: Friday, 23-Sep-2022 22:47:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 forbes-484fef5e39bd1f12260ad07d5cc3499d.js Show response
vd.trinitymedia.ai/trinity-player/buttons/ Frame F980 2 KB
1 KB 40ms
39ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/buttons/forbes-484fef5e39bd1f12260ad07d5cc3499d.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html&unitId=2900000552&userId=185ea88e-2a71-45d8-8190-2456bdf23e33&isLegacyBrowser=false&version=20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207&useCFCDN=0&themeId=315
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 8ca8411cecd01b97b8475a045b40a053f69226e4abc4359613f6985801a24da0

Request headers

Referer: https://trinitymedia.ai/
Origin: https://trinitymedia.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:32 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 08:54:16 GMT
server: AmazonS3
x-amz-request-id: XE7PSDZ0SXKT00ST
etag: "689ebdde685a511ab98013e5b4bc6f33"
x-hw: 1663973252.dop220.fr8.t,1663973252.cds216.fr8.hn,1663973252.cds286.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=44795
accept-ranges: bytes
content-length: 815
x-amz-id-2: zM258FKwQzdak4inAB3iIriffbNO16HQyZPhWbo/M7+MrseFI9JP35NBp4PeDeXhzbaRSeMvv7A=

GET
H2 200 trinity-player.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207/ Frame F980 2 MB
230 KB 135ms
53ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207/trinity-player.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity-player.php?pageURL=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html&unitId=2900000552&userId=185ea88e-2a71-45d8-8190-2456bdf23e33&isLegacyBrowser=false&version=20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207&useCFCDN=0&themeId=315
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: a139411d4d3916bcbaa5f58551f58343a740d4434dce5722b7f45b3c38f8ff31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:32 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 08:26:39 GMT
server: AmazonS3
x-amz-request-id: 1095K3805K6KWKX6
etag: "5b2bffce764f56ce299cbd279b3a076d"
x-hw: 1663973252.dop056.fr8.t,1663973252.cds241.fr8.hn,1663973252.cds243.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 235267
x-amz-id-2: d7fX7lBfDxRShkyNeRDiDl0/NZsT4D2GKi4rPPXeEThuHeKaybnQsNedKjYT15azH/xoIirXXu4=

POST
H2 200 story Show response
capi.connatix.com/core/ Frame 0AE8 2 KB
1 KB 154ms
154ms XHR
application/x-protobuf 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=184615&cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4a4646bab393be045c6e9257e4a37437ae4df52e79e72e08ae987c969cd44765

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 23 Sep 2022 22:47:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.newsobserver.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 947

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame FB53 43 B
245 B 998ms
124ms Image
image/gif 54.175.195.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&sec=Local&prem=metered&ptype=Story&auth=Josh%20Shaffer&artpubt=1663257491&tv=js-3.0.148&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=8&tvcfg=all&tid=781e39ca-9995-47b7-841c-cba6a29a20f9&pid=f7075242-38be-49a5-be00-d11161de504c&dtm=1663973252283&qnm=_matherq&visible=1&tabid=6d1c5cb6-6a70-4ab3-a860-56de6b626d5c&refr=https%3A%2F%2Fapple.news%2F&url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html&vrefr=https%3A%2F%2Fapple.news%2F&vp=0x0&ds=0x0&tofa=1663973252&vid=1&lvidt=1663973252&duid=67f39809614fb6ec&fp=577415770&cid=ma12095&mrk=74930332&cx=eyJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJOZXdzfExvY2FsfHx8Il1dfSwicGVyZiI6eyJzdGFydCI6IjE2NjM5NzMyNTE3NzQiLCJyZWRpckNudCI6IjAiLCJuYXZUeXBlIjoibGluayIsImhlYXBVIjoiMzMuMW1iIiwiaGVhcFQiOiIzNy4zbWIiLCJyZXNwRSI6IjQiLCJkb21Mb2FkIjoiMCIsImRvbUludGVyIjoiNCIsImRvbUxvYWRTIjoiNCIsImRvbUxvYWRFIjoiNCIsImRvbUNtcGx0IjoiNCIsImxvYWRTIjoiNCIsImxvYWRFIjoiNCJ9fQ
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.195.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-195-64.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 22:47:33 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 898ms
150ms XHR
application/json 35.186.239.245
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_93e18f8d92a3704ae302522cde927999.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.239.245 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 245.239.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2a4c7c267e13cb415e00efd4f2c520b8ad1ffa6780b5b991f4d592aced593978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 22:47:33 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 870ms
148ms XHR
application/json 34.120.133.69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_93e18f8d92a3704ae302522cde927999.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 5574532d69bb584af2c97a352490144fabcd7b2baa861ceb16d746a61669d97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 22:47:33 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 870ms
150ms XHR
application/json 34.102.180.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_93e18f8d92a3704ae302522cde927999.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.180.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.180.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 6744210f688494b27c48e2efd47f4bc07c2b3213dcb7cd9562243821f598e8f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 22:47:33 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H3 200 inbox_ff39b67feb7efb3b74df724f531434eb.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 73 KB
19 KB 122ms
44ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox_ff39b67feb7efb3b74df724f531434eb.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_aa957ce8751576e86fed4735719284d6.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0a3207ed6ac144bb58e9ea8a9a44d3e121e1ffb5444e72256017e2d5e7266873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:19:51 GMT
content-encoding: br
age: 109661
x-guploader-uploadid: ADPycduneHgl8SI1gcA2J_I5JGQTCqIaWdjE4WWirzswYnfrXF1v2CeW-tSR2l7DE94tnGqibVpbxTJBPLA4c-bgZMoXnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19115
last-modified: Thu, 22 Sep 2022 16:19:42 GMT
server: UploadServer
etag: "64072da428f642ac6e49b3f040ae2f9b"
x-goog-hash: crc32c=lXMscA==, md5=ZActpCj2QqxuSbPwQK4vmw==
x-goog-generation: 1663863582142952
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19115
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 22 Sep 2023 16:19:51 GMT

GET
H3 200 onsite_594abc2b6ab7a4163a442e0f8acebf61.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 160 KB
34 KB 116ms
39ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_594abc2b6ab7a4163a442e0f8acebf61.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_aa957ce8751576e86fed4735719284d6.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ce4f517240bd5934346fb0891d1eda77fb7c4f6f3ca14524023f07c595c0c037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:19:58 GMT
content-encoding: br
age: 109654
x-guploader-uploadid: ADPycdszcj5boZijKyt42U2Lrh4esOIyeHaz9nf7cgCOzoqPisagh9jYdtPyd7q31RhXdGgUUfsL7Xmui3pgV_MhcL4fGWAtCl8o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34621
last-modified: Thu, 22 Sep 2022 16:19:51 GMT
server: UploadServer
etag: "395f1d51ae9e6c756a05a0ccf843c744"
x-goog-hash: crc32c=yu2Mig==, md5=OV8dUa6ebHVqBaDM+EPHRA==
x-goog-generation: 1663863591209163
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 34621
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 22 Sep 2023 16:19:58 GMT

GET
H3 200 ads_bdd8f022ca0f38884fc9419202873919.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 360 KB
67 KB 134ms
57ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads_bdd8f022ca0f38884fc9419202873919.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_aa957ce8751576e86fed4735719284d6.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e49d8ab2920de58c7afc655e8830ba3ae2c838d17455a932e0beb85a8b3e7aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:19:57 GMT
content-encoding: br
age: 109655
x-guploader-uploadid: ADPycdvXVEwdrG4msof-EhV3damzDFr4K1z4O9RhZBcPr70cjlYzWdW_H3DVUzLryLgt6JGiKcs5s8_5PMG9NwCYnk6cTQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68527
last-modified: Thu, 22 Sep 2022 16:19:37 GMT
server: UploadServer
etag: "62bbcc48b21e5b45dd65f806e2328303"
x-goog-hash: crc32c=38yyEg==, md5=YrvMSLIeW0XdZfgG4jKDAw==
x-goog-generation: 1663863577673961
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 68527
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 22 Sep 2023 16:19:57 GMT

POST
H3 200 v2nngQPPtx3v9xQS4jjuxxborEP-2rowhFf8Vv4Nz9gTRFEpk3K-FSzq66g45q5slgllULCak Show response
scissorsstatement.com/ 3 B
27 B 228ms
144ms Fetch
application/json 2600:1901:0:2de6::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/v2nngQPPtx3v9xQS4jjuxxborEP-2rowhFf8Vv4Nz9gTRFEpk3K-FSzq66g45q5slgllULCak

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:2de6::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
via: 1.1 google
x-buildnumber: 632800667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
date: Fri, 23 Sep 2022 22:47:32 GMT
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
x-hostname: fen-hoothoot-europe-west1-spot-7ghk
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 205ms
69ms Script
text/javascript 52.16.246.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html&prx_referrer=https%3A%2F%2Fapple.news%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 47d9f47bcedb1c5a60803bd495742d8f6e53e10b5706c9b99f10a93b4350364a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:32 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 1209
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 202ms
67ms Script
text/javascript 52.16.246.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.newsobserver.com%2Fnews%2Flocal%2Farticle265792376.html&ntv_0=8&ntv_1=4&ntv_2=0&ntv_3=6&ntv_4=6&ntv_5=9&ntv_6=,&ntv_7=7&ntv_8=7&ntv_9=5&ntv_10=5&ntv_11=6&ntv_12=3&ntv_13=,&ntv_14=8&ntv_15=4&ntv_16=4&ntv_17=3&ntv_18=5&ntv_19=2&ntv_utf8Encode=function(){return%20unescape(encodeURIComponent(this))}&ntv_utf8Decode=function(){try{return%20decodeURIComponent(escape(this))}catch(e){return%20this}}&prx_referrer=https%3A%2F%2Fapple.news%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 8847aabe958ca23f448958158135447e6f48578a32dc661a17768d115445af81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:32 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 1207
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame F980 2 KB
465 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Requested by

Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207/trinity-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a86202154ecfb9982c0120080d31c74c687082897186120bd4e3a2caabb42d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trinitymedia.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 22:23:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 22:47:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 22:47:32 GMT

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame F980 0
0 536ms
43ms Fetch 3.120.48.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.48.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-48-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 23 Sep 2022 22:47:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

POST
H2 200 collect
depart.trinitymedia.ai/api/ Frame F980 0
0 505ms
45ms Fetch 3.120.48.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://depart.trinitymedia.ai/api/collect?t=audio
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20220922_139f71f2dd9fc488416e0045a9aa1d66f91af207/trinity-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.48.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-48-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://trinitymedia.ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 23 Sep 2022 22:47:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ Frame F980 47 KB
47 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trinitymedia.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 19:48:08 GMT
x-content-type-options: nosniff
age: 269964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47728
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 19:48:08 GMT

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ Frame F980 47 KB
47 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trinitymedia.ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 19:48:08 GMT
x-content-type-options: nosniff
age: 269964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47728
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 19:48:08 GMT

GET
H3 200 local_storage_frame16.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame 0B44 2 KB
1 KB 38ms
38ms Document
text/html 34.98.72.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_aa957ce8751576e86fed4735719284d6.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Referer: https://www.newsobserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 982473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 1055
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 13:53:00 GMT
etag: "aa3343e6752b7282e88438f2444445c1"
expires: Tue, 12 Sep 2023 13:53:00 GMT
last-modified: Thu, 08 Sep 2022 13:55:24 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1662645323890419
x-goog-hash: crc32c=0/6+eQ== md5=qjND5nUrcoLohDjyRERFwQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1055
x-guploader-uploadid: ADPycduubUD4jZObTF4rGgUbJ38J5kfLScd4UMaSCCxA-5HjJcsRtGNa8Qx77QFii1S-i4bWtGlOonoxhWEm9pEMNmqze2G2h2eP

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 57ms
56ms Image
image/gif 52.16.246.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=7041918&ntv_pl=775563&prx_referrer=https%3A%2F%2Fapple.news%2F
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:32 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 55ms
54ms Image
image/gif 52.16.246.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=025c43e3-bc0e-4fac-babc-a6682e74228b&ntv_fl=jB7-JLd54ljicUGE7J2wSiadWbaCl6wc-hE5ESCCrk4cT_xa5PFgef8i81PMgPuL_H39vKVrKXvukS6rXfpIC6odijXTN0toa38AESPCZfCXnXVWJS4hjDyZ1cpnBZvnE4Kld0ZXh90lBOJOV0ypP8kgAqSpgNP31fBQxYCeE0WcXDnOQRwd7XUpUxCp8Chn&ntv_ht=hDcuYwA&ntv_at=303,302&ntv_a=AAAAAAAAAA-8EQA&ord=1663973252639&prx_referrer=https%3A%2F%2Fapple.news%2F&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:32 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 56ms
56ms Image
image/gif 52.16.246.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=025c43e3-bc0e-4fac-babc-a6682e74228b&ntv_fl=jB7-JLd54ljicUGE7J2wSiadWbaCl6wc-hE5ESCCrk4cT_xa5PFgef8i81PMgPuL_H39vKVrKXvukS6rXfpIC6odijXTN0toa38AESPCZfCXnXVWJS4hjDyZ1cpnBZvnE4Kld0ZXh90lBOJOV0ypP8kgAqSpgNP31fBQxYCeE0WcXDnOQRwd7XUpUxCp8Chn&ntv_ht=hDcuYwA&ntv_at=808&ntv_a=AAAAAAAAAAi9ULA&ntv_sat=15&ord=1663973252642&prx_referrer=https%3A%2F%2Fapple.news%2F&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:32 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 56ms
55ms Image
image/gif 52.16.246.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=775563&ntv_gdpr_consent=&prx_referrer=https%3A%2F%2Fapple.news%2F&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:32 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 61ms
60ms Image
image/gif 52.16.246.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=ac8c3f55-5ae4-4e3f-90b1-2a04624d979b&ntv_fl=jB7-JLd54ljicUGE7J2wSiadWbaCl6wc-hE5ESCCrk4cT_xa5PFgef8i81PMgPuL_H39vKVrKXvukS6rXfpIC6odijXTN0toa38AESPCZfCXnXVWJS4hjDyZ1cpnBZvnE4Kld0ZXh90lBOJOV0ypP8kgAqSpgNP31fBQxYCeE0WcXDnOQRwd7XUpUxCp8Chn&ntv_ht=hDcuYwA&ntv_at=303&ntv_a=AAAAAAAAAA-8EQA&ord=1663973252646&prx_referrer=https%3A%2F%2Fapple.news%2F&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:32 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 57ms
55ms Image
image/gif 52.16.246.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=ac8c3f55-5ae4-4e3f-90b1-2a04624d979b&ntv_fl=jB7-JLd54ljicUGE7J2wSiadWbaCl6wc-hE5ESCCrk4cT_xa5PFgef8i81PMgPuL_H39vKVrKXvukS6rXfpIC6odijXTN0toa38AESPCZfCXnXVWJS4hjDyZ1cpnBZvnE4Kld0ZXh90lBOJOV0ypP8kgAqSpgNP31fBQxYCeE0WcXDnOQRwd7XUpUxCp8Chn&ntv_ht=hDcuYwA&ntv_at=808&ntv_a=AAAAAAAAAAi9ULA&ntv_sat=15&ord=1663973252646&prx_referrer=https%3A%2F%2Fapple.news%2F&ntv_it
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.246.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-246-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 22:47:32 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
204 B 238ms
155ms XHR
application/json 34.107.191.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=125229225&GCS2=ODg5NDI4MDgtN2U4Yi00MGY1LWJhOGQtYTY1YzgyMTM3ZjllLmxvY2Fs&pe=false&wsid=3581&varID=0opv6&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3581%2C%22loadID%22%3A%22PmhjafwI4UnrBiq%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A11%2C%22IDStageStart%22%3A11%2C%22netComplete%22%3A145%2C%22obsReqview%22%3A883%2C%22obsReqpage%22%3A884%2C%22obsReqdata%22%3A912%2C%22IDStagePrefire%22%3A912%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_93e18f8d92a3704ae302522cde927999.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.191.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.191.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Fri, 23 Sep 2022 22:47:33 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
342 B 158ms
73ms Script
text/html 34.111.8.32
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=1334&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDZCBmATgHYSAmAVhIBZD9NgAvEKABkwHcBTAEY5UwfgH1UAEyglaADhYAnfjhAAbOGgwFCXLgA981fZhUx+SlUqgBDAA731-AHQJ+vHNlvr1qBADm4nBK6lAAFsDA9jgApCQAgrHUAGLJKbyZbh5qwpYAbpYuSCAAtunununqIEg+6bZKaEjO1IS0FGTUJBSELpGl6pj5qCLA4iUgANao-FCxFABCydTq9ivxSdTUkdFxdInJtKlHqZm82Z4geUqFSsVlpymV+8cpNXXqT43Nre2d3V6-WAgw21AAwislBtDtsHE5XC8NhQACLYEDTWbzJYrfIwpI47Y4OCCUqiMRScSlEBKBD+AL4mA+HD8ZKQokkslRfiUkpKDC2EZKOD7aibJnqFlslb8O7iGoBAI8yQIRnM1kQlb2WzScTE4RIJSoQSWNWSjXs1YgRXK-ySKT8BBoGCzKRmqWa7YIOClPUk8TapXiEY5fFcaXbexG-K2JAATwmGJmqnEsaQ-HsFPdrNREeoUgCKVQShwwAAMiBbG7tptgMKc2iYyWANqBiTAOP2fgAXTsTVQLX4w0aOGbIwdIGDo2Nzl7EpZw5bPwHznECFspR7UAACrZSzTklwcF2nYf5Ie4-wR4f-Ieo6MMIeYAeTLZD4bUJvD+ENVwpNJVTgEx8DIYB3zKLkXEPAA5dkuBdddfDjQ8qy5fYuDJUtbCmVxF1HZdBwmWwxACGk417CtPjw5sWRQdAECIkiyN7F5qP1LkKSpGk6UCOd1TYzlyWVPkBSFEU+PNaiFSVSl-Akhcm1HWVLHla0ZJVeSh0U1sdUpfUcA-E0lE06jSOtVd7BAew4HsKcREEWdYH47SpBgWylAc2opgk9RBFjKZqII1ccLjXgaSkHBew-L9PS4WCI3g9V33CRolX2OClFjVB6hMKMQBdPxAgSxZ1H86iRRUlkAk3J1IvmWhlloRsR2bPykCmAr1HEB0nBAOMauAXtqLqJpgx8OAtx4bTpNtBjpEdZ1XRM7SYBUCQgq3ectJapBwn5TdxEEflPEsXs6wm6jvV9fUA1sIMQ08Xsppa+8Y3jRNMRTNMMwpZaWv0wyJDbP6WzbCYUsCZUaXEcwVBwH8pGWh0YGbGbZLmh0nVQF0eSR-gUauv1BFu+7Zke7hhmR1to1jBNJmTHBUyQdNM1xpzJPp2ZxFASdSqUJV2YXQR7Ap-hoigZsACINslgAaSW6iYpQ4zlhWf3akAtFVgIfGcZXVfCMp+FVvKpDgFBVZZRpdsl7tMEzPANvRUonGy5AJBgUqAigYYUqgIA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_aa957ce8751576e86fed4735719284d6.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:33 GMT
via: 1.1 google
x-envoy-upstream-service-time: 19
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 238ms
150ms Image
image/png 34.102.193.48
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=3581&warpspeed=2%5EHIykD&loadID=PmhjafwI4UnrBiq&version=1.5.9
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/news/local/article265792376.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 22:47:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

Verdicts & Comments Add Verdict or Comment

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newsobserver.com/	1970-01-20 06:56:05	Name: sessionz Value: maa%3a646293847893946377
www.newsobserver.com/	1970-01-20 06:22:58	Name: AWSALB Value: LmeSb6ymuhElWG4nS/gxpest2siMqRqPi3c3uptxJZ8BSsp4Lz7Y3Sbzd6eD5zmqEye/2Pzn+FgQN7lARgBWSt83KGq/3v58+yw2+YnJWKQjEzm+67UNp3ueDIWE
www.newsobserver.com/	1970-01-20 06:22:58	Name: AWSALBCORS Value: LmeSb6ymuhElWG4nS/gxpest2siMqRqPi3c3uptxJZ8BSsp4Lz7Y3Sbzd6eD5zmqEye/2Pzn+FgQN7lARgBWSt83KGq/3v58+yw2+YnJWKQjEzm+67UNp3ueDIWE
.demdex.net/	1970-01-20 10:32:05	Name: demdex Value: 45336054618440511212270410555952944623
.everesttech.net/	1970-01-20 14:58:29	Name: everest_g_v2 Value: g_surferid~Yy43gwAAAIksUANx
.doubleclick.net/	1970-01-20 15:34:29	Name: IDE Value: AHWqTUle8KTPHAJfRiKwG4DkFw4SdD-AyzpQGT8fSRMiq1ZK3_S15t4Y7sPmgFPQx1M
.dpm.demdex.net/	1970-01-20 10:32:05	Name: dpm Value: 45336054618440511212270410555952944623
.newsobserver.com/	1970-01-20 15:48:53	Name: adcloud Value: {%22_les_v%22:%22y%2Cnewsobserver.com%2C1663975052%22}
trinitymedia.ai/	1970-01-20 06:22:58	Name: AWSALBCORS Value: mBYscKI5Iplve6cd+pyuFbJwOrQ8ZHpTRmVvk+97BuRWAJAfzCuCWm/IRHNsTpJ0B+prsSJMidV/mMDQdvXfBGMTeDec/duWzWGNT/xNFwaCNWNcRnjvQGkUOeJI
.trinitymedia.ai/	1970-01-20 14:58:29	Name: AUID Value: 185ea88e-2a71-45d8-8190-2456bdf23e33
.newsobserver.com/	1970-01-20 06:13:00	Name: ak_bmsc Value: 1162B61BC58F2485D012640D7514E151~000000000000000000000000000000~YAAQVVtgaJC3X2yDAQAAd9yIbBGj72sDQgtNGqd1AmG4M7lSrFJipNZ8SmWaf+pJpHUCdYMP2XVy0BhoL1epAGw3ALx/So+S1aR6Fu0l7zo3POHgU9QMPYtrk8VYEXy5ReVyzj555cHmYGv5Re61pBh0/x1EYYNrd5uKmHOEHLxelA4VgaIADZMK/wbrDJGf6qLp8fjKl56JUw3y8mD487Zd5ENPtxdGV8kMZlkJIkaJ6p79Kuw0Pposj08edu+g9n6puX9AyhAV/F0NbV7gT5hJqSASChK4jAtORhLKQpaJdhdAXCDP333jfURH+TlK/MgUyqz1POZqCPfwC9oXS/DSrppdpQvx4TErNmbdPzLFoRbt4zWhRFFL6Q0348sq7OCoBYDCaVmpmGZkNQhP5jSCO7QJ5bvC2aaErAf3YZ+vQl4gig1t+WbQ323NmsHS/lBxSgY4b4162s4uVZWUXwy5p9aa93Hs35MGqh7d7NrU6QNutXdZl4SjME2Gtz0=
.newsobserver.com/	1970-01-20 15:48:53	Name: _sp_id.1b7f Value: 67f39809614fb6ec.1663973252.1.1663973252.1663973252
.newsobserver.com/	1970-01-20 06:12:55	Name: _sp_ses.1b7f Value: *
.postrelease.com/	1970-01-20 14:58:29	Name: opt_out Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adobedc.demdex.net
api.bounceexchange.com
apple.news
assets.bounceexchange.com
ats.rlcdn.com
capi.connatix.com
cd.connatix.com
cdn.parsely.com
cds.connatix.com
cm.everesttech.net
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
d15kdpgjg3unno.cloudfront.net
data.cdnbasket.net
depart.trinitymedia.ai
dpm.demdex.net
dyv1bugovvq1g.cloudfront.net
e.cdnwidget.com
edge.adobedc.net
flowerstreatment.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geolocation.onetrust.com
ids.cdnwidget.com
imasdk.googleapis.com
jadserve.postrelease.com
js.matheranalytics.com
lasteventf-tm.everesttech.net
mcclatchy-newsobserver.cdn.zephr.com
mcclatchy-newsobserver.zeustechnology.com
p1.parsely.com
page.cdnbasket.net
s.ntv.io
sb.scorecardresearch.com
scissorsstatement.com
sqs.us-east-1.amazonaws.com
static.adsafeprotected.com
static.scroll.com
sync-tm.everesttech.net
tag.wknd.ai
trinitymedia.ai
vd.trinitymedia.ai
view.cdnbasket.net
www.apple.com
www.everestjs.net
www.google.com
www.gstatic.com
www.heraldsun.com
www.i.matheranalytics.com
www.newsobserver.com
104.96.161.200
107.178.250.234
13.32.110.81
13.32.99.122
13.32.99.23
13.36.218.177
142.251.39.66
143.204.215.40
15.188.95.229
151.101.130.137
151.101.65.194
151.101.66.49
184.51.9.197
199.232.198.217
205.185.216.42
2600:1901:0:2de6::1
2600:1901:0:7e2f::1
2600:9000:206f:1200:11:b309:9100:21
2600:9000:206f:c400:5:82fd:2500:21
2600:9000:223f:c800:8:48e:53c0:93a1
2606:4700:4400::6812:2962
2a00:1450:4001:829::200a
2a00:1450:4001:831::2003
2a00:1450:400d:806::200a
2a00:1450:400d:807::2003
2a00:1450:400d:80a::2004
2a02:26f0:3500:584::1aca
2a02:26f0:f700:290::3277
2a03:2880:f02d:12:face:b00c:0:3
3.120.48.214
3.213.88.240
3.236.169.39
34.102.180.93
34.102.193.48
34.107.191.194
34.111.8.32
34.120.133.69
34.120.253.250
34.248.32.199
34.98.72.95
35.186.239.245
52.16.246.173
52.222.236.104
52.30.247.235
54.175.195.64
63.34.81.234
65.9.61.60
96.16.147.243
03895dd098d8b8ea70cb4eeee4cb64e4deb6ad1b86e28a91ea37fe37f4c1c2b7
051bc401da542c03c1addebfe9b686e83a9c04f56250e41bf28dce0fd6b6edd1
05b2ab589acf28f07d1464cc232e583af8da87f19882a3e9f170d4404b5c0e5b
0705237fcc2d88e9517df8381c0c06f8ac153e414150661b32192ba17ef4812c
0a3207ed6ac144bb58e9ea8a9a44d3e121e1ffb5444e72256017e2d5e7266873
0b8bc94e4167975932513bde76695ff6e4f001bf1dab8a4880f884192af8797f
0d6aa0d1df9cfdddb4ba1c2e84627fbae84624b959ac448e02057a26df5c89ad
13bdd60367cdfb1dabfa95acdca27b9317b84704608f95a83a4635d94c429eb0
1cd2500f652e5f7611dc8735b1455d572a7aa1ccede57d8e375ff88023cf9ccd
246cf13f66e7dd32630ae9bcca1441ae23c839570a33864a52ed9cdebaa5ce49
24ace0f221ba7849b0052ff1d3a77be24abfbe65f3ab532b852c295758ee872f
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
259d08d606ef0556bb9d8f4d7a8363b29d3f3d2196bab48d9fa6141ea378d3d9
2969aa16b763893fa2f600de842a23475f8c0f1d58ebbed3c4f7f1a63edbc0b5
2a4c7c267e13cb415e00efd4f2c520b8ad1ffa6780b5b991f4d592aced593978
2be366cbbe6eafde9ce18172b6d97fc57dca71a3040bff1f3160f2e1ed557ffb
2c8e9c17c51ac13646a59b8c82f28ddbc7567ae6c99a102904383d8fb3408c13
2dd858caa2ce558214589f74f1a1e62051ef22eabe1665a905f5c099bfab0e00
2ff8dc4161b9a017745c29cdc9594fdff3e16b981f87664a6c3868bf4424ef3f
3081cd5942a29f59f16b662f9487cdb95dc4473722804097a0d697bd72fb1693
359ca6d9de759ae6cc10299b0952d454830da1b9f1109146dc4626685b898258
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b7d2b4c5417a697678081ed3b344955f0b25e694171178b0c01e029b4a18e8b
41daac81421329b7091d3ea33d91959ee08135224c28f3dcb523341fa2e90393
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
429dbf2802f79472c84f2a75fa7afffed7c4e7a0d8aa10478fcf817bf795c2ae
433ba35f0585ad9b09e08d422a99881fd47f621650587251e7f59555131d5ef9
4537bdc6968656bd84afaf5420475fedafc5195b99c5ef392ad21474a4827652
476bebd9e2c354e15fe184b3141be29368747d02a62d27c3f5207acaf0fd1ae0
47d9f47bcedb1c5a60803bd495742d8f6e53e10b5706c9b99f10a93b4350364a
4a4646bab393be045c6e9257e4a37437ae4df52e79e72e08ae987c969cd44765
4a545ca92f93cf77493a523b85f2155a1ac335202faec1faecc732790a015a11
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6
50a146ed6d98f99dcfdf3feb1d687194939a89106d9caf83145e511bed18ee29
5574532d69bb584af2c97a352490144fabcd7b2baa861ceb16d746a61669d97e
574874d061c15358052033125865555efb49d99654105b3a5bf3c72fb480db65
58931b7c398b1b35c94d3a2e83c8bd3accfb434c1b58dd1013f2edfd02cbff2e
5a6a1024807e3504d93d0fc26e07281450105e97e36169a178243b9856dad356
5a86202154ecfb9982c0120080d31c74c687082897186120bd4e3a2caabb42d9
5d95d28a28e3c00533de70feafbfc9559c7c323f217680a69aa639f6123873fc
60c67b61c036e739d02f7ede3743012003c6bf06788c9fba601b65983c0a0ab3
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
650587719d00d216eff81b7a8feade391863ace124e282d62018b1df5fd75f92
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
6744210f688494b27c48e2efd47f4bc07c2b3213dcb7cd9562243821f598e8f0
67d2d4a5546832ee5779868efd54f1f98ae40acc68d91a1340db67860e7feba1
6d5188d2b3f0193d1567da184d6560bafb019d979f10442317036986909abdba
6e2fcd81eb0776e0c05a01822b2a5aa2c3f2177018643ff1f77e0733aa36480b
764df958623e81ae49b597536c4f788d01b6d7d5b6fa5933868a4fd691e379df
766ffb6b4aa381947d1e9f729c4f749c20055b396a5d59610bf9b9a08c615680
76f6a676250edeec130b5fb1470e9094934d1c93db7cb09c3065dba53990f88b
78f1a8f3787f77f7ab4fcbb12c87f5cd412556c04991cdadaacddcd9b5a3e68a
798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903
7d67f38229c8dac8429af4c162d42073e4abd4337a86ec54a18d3ad7e010b2a8
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81a2f536fd0fdf04b60dacd57c3d12a7c5a881d369f66d50157e5fca9b12a2e3
8291cb64968b31193ea17b222eb4fa479469169b8bfbf549e732d0b9e05f49f7
830cac2a8908afc16e114cd8393040e1cf11977a968af0c0dd052d592868ea16
8622e952a1692b913a7b4205563a0090479a008472611cb1000bf67272bb490b
8847aabe958ca23f448958158135447e6f48578a32dc661a17768d115445af81
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3
8b4bf46a7ee17fa868ac3a6ed47a74783271577c926748bcdbe6327921fca200
8ca8411cecd01b97b8475a045b40a053f69226e4abc4359613f6985801a24da0
8dc09a3a94b83a88c6010dbb5dee0fd14feceda2f8a8cf1642bd11aba151f990
93ef77e02fd437e966b31913ffd474d27dd040ab300cc91919f54c83d85b34ed
949b0b9bf6768359f6f85d4b5c112de352e47a7f476f0f47c1574a1e26f3f8e7
94fd366fd589e5a99b9a07fbf1e4f71f56cfc0e687a9af3cf96f2034be1a89de
962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7
970e676c52b275a819ab9170ec4427370cc6c7033aa2e6b0b9cb71b977b72542
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
9da2db0677b38166684e97c1883902f80cc695c426b880e98e2096bd72f34e11
9e877167f6f54a122bd114c9429ffdcac4704c20443c9a0aca0fa4b90a86aca9
a0107a6693b6ccde2883d4ad8f80a8a19a8278c5deb30f75f7dcd10292258e60
a027fcaf113da886af6e2d47ff998187a62a89a76ef0b44ddc14b33236db6e9a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
a139411d4d3916bcbaa5f58551f58343a740d4434dce5722b7f45b3c38f8ff31
a67784d24d5a1cc8d95d7038b3405623fbd809823bf509b368b8fff4b7cff361
a8a4fbaedc1e8bd1900ffa0bfb545581dddeea8e5153f33f17c5104e7da506e3
aa3345ec043f528c91a23a7dd57d53162321028618998eacc882214fada763d5
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
abe1b56150adaf5a63a856eeb4f9e83fd5ab7f036d2a6bd608ae41f407bc3909
ac53400c04ca28a29467c3b6cf8f0be2f9d4333a518574fba32cc239195117db
ae37cfc83ca4a628dddc0f42532c80fb7313eb84381d40b6379634d3c416a94b
b29623f7b2ecfc69dc402ccfc1a0c73e1889ffdd4c13840a723fcc02bf550136
b30cf05c73b1002b847793a8bff40a1e3c6f1d0bccb9300b9707a71729ef9da4
b4e8ce318f935b3a426d31961c37589ee76626ff62b65e6be06764a3ca6862ed
b71f7e94b4a50521160f7f2bc15b11b13713b10b917594bff5d3ad1f32fd89eb
b8719dc738709e53b4ea7ef71a324cd8512d5e9bc2eeafb0b71ea41ae9e35a94
bccdaeff95efbd6865f096373aed67124dbb2546b36310525ecc973f87590907
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
becd124e0894570d928778df3677413aa7c44cb86e63e4592ccb117d3f2a5b21
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c3d6b7f5fa1571ddb84301131280475cfa149e7c91e7c133f50c3845799bddb9
c4ccc2fec1635866e832caed37784a724460917c2e147e66368ad162575fa9d7
c5da5b819a648f050990e8263079f394127cdc137148128afdbc7978753644cd
c7a72176dc0acd18ad5fdb66f6eac24b0e08775139ec956a3af0d17cfa41afc5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce4f517240bd5934346fb0891d1eda77fb7c4f6f3ca14524023f07c595c0c037
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfebed284b96af00c82472111ad9c994c0b9a2a905596a5ffd691cc7ac19cd8f
cff6056084b7aaafc0fb38f90298fb4d5fbc4790061e158f8300d9b995eff518
d2535815833746fe6683a50cac72e5025b099db7b21e6a5b3896e01973c91050
d373cdc98dd21157916f450a67b90653c4a5333eca71a4c0c2cba47c642ded25
d52f67fe232e73a8cb967fa7876bc7e837f24670b70e06ef408afbb33e15b48e
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3
d802ce053a4f5c9d6459f819c842094a1dd40c7741b9e89499adcf7b5bfe55b6
d89fcffc0f013b852144e04aa7a737bb546d07b34e548d8a4921ab04df726082
dee7e43b051bd156b70a40ac0e5c532f372d0f2d71632b41e79ec1f517c3c112
e0f5a4e9926f5d109f7f458444e19cc597d3ee993cf7d447dc5acc173d51634f
e11f2191120d053c38a64fca3dc4b0e74877daf20e237238b6c4b0b411788658
e356e562d2fb8fd054e1fc66ae3ae4be09d008069c47beb2b0e9c1eb2e2705a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49d8ab2920de58c7afc655e8830ba3ae2c838d17455a932e0beb85a8b3e7aa1
e56ff0fa78653cec32ba2c667b271ef6b879bcdd63e6662d22bc3f467f421d27
e5cd3c768d9ba5bb2e0b97853890d4aefc85c84898721b993374d62d989b9ced
e90e1c97d0b18a8e4f6bc41e09e7be70a8b1cbc6761fac9d4a4595ffd8145944
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef0b4cf4403a153b17a47cd3a16f02434188f6511cc524b13fbf7f4ff5f019c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe3fd5efc826195f921af10f830408f1752f7ee1a357da1ebd4e79ea313c853
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f4ae576ccd01e5da81892ccc8381b9b75621f1c981769e4df4165f3058a47623
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
f739348085fcea8409d3f4405c68d59062bc180de802cc7b3fdbf6f3f0a9a4fb
f8350cfbedd31687bc8c87eac0969704c740bdd986e7c28c5de915092a780830
f91a7a5baacde1a440359f91663eede5cff90eb02b6dbfc76792d83e5779667b
f967dce6da34a6b1fb10b95b8fe8b9d5d328e53c01caa49055cb1a290311acde
fdf57c2d9d28c3696859df849dd089011b77dfff2bfdb86087441c5f64020d6c
fe3a5fd44202fabb1ed0bae0562a07c92fd9e8678d4ff4a2b5852b1b933175f2
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

www.newsobserver.com Open in urlscan Pro 104.96.161.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

78 %HTTPS

29 %IPv6

36 Domains

52 Subdomains

47 IPs

5 Countries

7488 kBTransfer

17287 kBSize

14 Cookies

53 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newsobserver.com Open in urlscan Pro
104.96.161.200 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

78 %
HTTPS

29 %
IPv6

36
Domains

52
Subdomains

47
IPs

5
Countries

7488 kB
Transfer

17287 kB
Size

14
Cookies

161 HTTP transactions
2 data transactions