www.thenewstribune.com Open in urlscan Pro
23.196.230.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.scr-srvldappz.delfrutto.pe/
Effective URL:
https://www.thenewstribune.com/
Submission: On May 02 via api (May 2nd 2024, 11:07:37 am UTC) from US — Scanned from DE

Summary HTTP 230 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 62 IPs in 5 countries across 45 domains to perform 230 HTTP transactions. The main IP is 23.196.230.25, located in Düsseldorf, Germany and belongs to AKAMAI-AS, US. The main domain is www.thenewstribune.com. The Cisco Umbrella rank of the primary domain is 414365.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 30th 2024. Valid for: 7 months.

This is the only time www.thenewstribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.240.171.188 162.240.171.188	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 1	166.108.36.245 166.108.36.245	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
52	23.196.230.25 23.196.230.25	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.108.92 52.217.108.92	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:350... 2a02:26f0:3500:18::1724:a28d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:266... 2600:9000:266e:4c00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:7416::1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
4	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.85.158.7 52.85.158.7	16509 (AMAZON-02) (AMAZON-02)
1	52.85.158.91 52.85.158.91	16509 (AMAZON-02) (AMAZON-02)
7	54.149.37.245 54.149.37.245	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20a... 2600:9000:20ab:de00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	44.228.37.53 44.228.37.53	16509 (AMAZON-02) (AMAZON-02)
13	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2	2600:1901:0:d... 2600:1901:0:d733::1	15169 (GOOGLE) (GOOGLE)
2	108.138.7.125 108.138.7.125	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
2	54.224.102.229 54.224.102.229	14618 (AMAZON-AES) (AMAZON-AES)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2600:9000:266... 2600:9000:266e:a00:e:ec66:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	3.121.4.172 3.121.4.172	16509 (AMAZON-02) (AMAZON-02)
1	54.170.62.78 54.170.62.78	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:965f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:d800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.39 13.32.27.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
1	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
3	15.197.142.117 15.197.142.117	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
6	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:223... 2600:9000:223e:c00:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:d400:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	16.182.69.17 16.182.69.17	16509 (AMAZON-02) (AMAZON-02)
1	3.236.169.64 3.236.169.64	14618 (AMAZON-AES) (AMAZON-AES)
1	208.89.15.170 208.89.15.170	11054 (LIVEPERSON) (LIVEPERSON)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
2	46.228.174.115 46.228.174.115	() ()
1	185.64.189.112 185.64.189.112	() ()
1	37.252.171.52 37.252.171.52	() ()
1	35.71.170.66 35.71.170.66	() ()
2	2602:803:c003... 2602:803:c003:200::21	() ()
1	178.250.1.8 178.250.1.8	() ()
1	18.157.230.4 18.157.230.4	() ()
1	104.18.36.155 104.18.36.155	() ()
1	35.186.253.211 35.186.253.211	() ()
1	34.120.133.55 34.120.133.55	() ()
1	95.101.149.233 95.101.149.233	() ()
1	76.223.111.18 76.223.111.18	() ()
1	172.64.149.180 172.64.149.180	() ()
1	23.35.236.201 23.35.236.201	() ()
1	34.98.64.218 34.98.64.218	() ()
1	35.71.131.137 35.71.131.137	() ()
230	62

1 162.240.171.188 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-171-188.unifiedlayer.com

www.scr-srvldappz.delfrutto.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 166.108.36.245 (Sacramento, United States) 1 redirects

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet831.ejoco.com

thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 23.196.230.25 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-230-25.deploy.static.akamaitechnologies.com

www.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-wires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-partners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.108.92 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

mcclatchy-next-apps-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:18::1724:a28d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

api.dsp.mcclatchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:266e:4c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7416::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

flowerstreatment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.158.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-158-7.ath50.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.158.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-158-91.ath50.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.149.37.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-37-245.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:de00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 44.228.37.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-37-53.us-west-2.compute.amazonaws.com

profile-api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.130.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

scissorsstatement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-125.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.224.102.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-102-229.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:266e:a00:e:ec66:e40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.121.4.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-4-172.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.62.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-62-78.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:965f (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.iad-05.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-39.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.142.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: a46b405d1b15c420e.awsglobalaccelerator.com

fp.qa.mcclatchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:c00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:d400:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.69.17 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.236.169.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-64.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.89.15.170 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.idp.liveperson.net

va.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (None, )

ASN- ()

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.52 (None, )

ASN- ()

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.170.66 (None, )

ASN- ()

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::21 (None, )

ASN- ()

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.8 (None, )

ASN- ()

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.230.4 (None, )

ASN- ()

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.155 (None, )

ASN- ()

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (None, )

ASN- ()

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.233 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.149.180 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (None, )

ASN- ()

mcclatchy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	thenewstribune.com 1 redirects thenewstribune.com — Cisco Umbrella Rank: 383393 www.thenewstribune.com — Cisco Umbrella Rank: 414365	2 MB
28	amplitude.com api2.amplitude.com — Cisco Umbrella Rank: 1152 profile-api.amplitude.com — Cisco Umbrella Rank: 48324 api.lab.amplitude.com — Cisco Umbrella Rank: 3973	8 KB
8	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3782 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4020	287 KB
7	gstatic.com fonts.gstatic.com	81 KB
7	mcclatchy.com api.dsp.mcclatchy.com — Cisco Umbrella Rank: 46622 fp.qa.mcclatchy.com — Cisco Umbrella Rank: 57790	54 KB
6	osano.com cmp.osano.com — Cisco Umbrella Rank: 5055	83 KB
5	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3903 va.idp.liveperson.net — Cisco Umbrella Rank: 9975 va.v.liveperson.net — Cisco Umbrella Rank: 4263	132 KB
5	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2777	9 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205	171 KB
4	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 12240 www.i.matheranalytics.com — Cisco Umbrella Rank: 12052	44 KB
4	connatix.com img.connatix.com — Cisco Umbrella Rank: 4897 cd.connatix.com — Cisco Umbrella Rank: 3728 cds.connatix.com — Cisco Umbrella Rank: 3841	292 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	4 KB
3	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	1 KB
3	braze.com sdk.iad-05.braze.com — Cisco Umbrella Rank: 2594	846 B
3	keywee.co 1 redirects cdn.keywee.co — Cisco Umbrella Rank: 23733	9 KB
3	amazonaws.com mcclatchy-next-apps-prod.s3.amazonaws.com — Cisco Umbrella Rank: 64156 ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9492 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5816	2 KB
2	openx.net rtb.openx.net mcclatchy-d.openx.net	263 B
2	3lift.com tlx.3lift.com eb2.3lift.com	333 B
2	adsrvr.org direct.adsrvr.org match.adsrvr.org	555 B
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	118 B
2	unrulymedia.com targeting.unrulymedia.com	240 B
2	cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	27 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1603	126 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7810	126 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095 www.google.com — Cisco Umbrella Rank: 2	322 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 8046	137 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	166 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1937	34 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 191	3 KB
2	scissorsstatement.com scissorsstatement.com — Cisco Umbrella Rank: 60175	896 B
2	mcclatchy-wires.com www.mcclatchy-wires.com — Cisco Umbrella Rank: 96171	2 MB
1	indexww.com js-sec.indexww.com
1	rlcdn.com api.rlcdn.com	258 B
1	casalemedia.com htlb.casalemedia.com	551 B
1	criteo.com bidder.criteo.com	201 B
1	adnxs-simple.com ib.adnxs-simple.com	825 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1410	1 KB
1	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 19894	9 KB
1	imrworldwide.com secure-us.imrworldwide.com — Cisco Umbrella Rank: 2661	425 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 622	480 B
1	mcclatchy-partners.com www.mcclatchy-partners.com — Cisco Umbrella Rank: 197950	44 KB
1	flowerstreatment.com flowerstreatment.com — Cisco Umbrella Rank: 61309	25 KB
1	delfrutto.pe 1 redirects www.scr-srvldappz.delfrutto.pe	458 B
0	fullcontact.com Failed tags.fullcontact.com Failed
230	45

	Domain	Requested by
49	www.thenewstribune.com	www.thenewstribune.com cmp.osano.com
13	api.lab.amplitude.com	www.thenewstribune.com
8	profile-api.amplitude.com	www.thenewstribune.com
7	api2.amplitude.com	www.thenewstribune.com
7	fonts.gstatic.com	fonts.googleapis.com
6	lpcdn.lpsnmedia.net	cmp.osano.com
6	cmp.osano.com	www.thenewstribune.com cmp.osano.com
5	tags.srv.stackadapt.com	www.thenewstribune.com tags.srv.stackadapt.com
4	api.dsp.mcclatchy.com	www.thenewstribune.com
4	fonts.googleapis.com	www.thenewstribune.com cmp.osano.com
3	fp.qa.mcclatchy.com	www.thenewstribune.com fp.qa.mcclatchy.com
3	sdk.iad-05.braze.com	www.thenewstribune.com
3	cdn.keywee.co	1 redirects cdn.keywee.co
2	fastlane.rubiconproject.com	htlbid.com
2	targeting.unrulymedia.com	htlbid.com
2	va.v.liveperson.net	cmp.osano.com
2	accdn.lpsnmedia.net	cmp.osano.com
2	cdn.confiant-integrations.net	cmp.osano.com
2	securepubads.g.doubleclick.net	cmp.osano.com
2	lptag.liveperson.net	cmp.osano.com
2	www.google.de
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	htlbid.com	cmp.osano.com
2	www.googletagmanager.com	www.thenewstribune.com www.googletagmanager.com
2	ml314.com	www.thenewstribune.com ml314.com
2	www.i.matheranalytics.com	www.thenewstribune.com
2	js.matheranalytics.com	1 redirects www.thenewstribune.com
2	sb.scorecardresearch.com	www.thenewstribune.com
2	scissorsstatement.com	flowerstreatment.com
2	cds.connatix.com	cd.connatix.com cds.connatix.com
2	www.mcclatchy-wires.com	www.thenewstribune.com
1	match.adsrvr.org
1	mcclatchy-d.openx.net	cmp.osano.com
1	ads.pubmatic.com	cmp.osano.com
1	js-sec.indexww.com	cmp.osano.com
1	eb2.3lift.com	cmp.osano.com
1	eus.rubiconproject.com	cmp.osano.com
1	api.rlcdn.com	htlbid.com
1	rtb.openx.net	htlbid.com
1	htlb.casalemedia.com	htlbid.com
1	tlx.3lift.com	htlbid.com
1	bidder.criteo.com	htlbid.com
1	direct.adsrvr.org	htlbid.com
1	ib.adnxs-simple.com	htlbid.com
1	hbopenbid.pubmatic.com	htlbid.com
1	va.idp.liveperson.net	cmp.osano.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	ams-pageview-public.s3.amazonaws.com
1	d15kdpgjg3unno.cloudfront.net	cmp.osano.com
1	dyv1bugovvq1g.cloudfront.net	htlbid.com
1	www.google.com
1	region1.analytics.google.com	www.googletagmanager.com
1	rules.quantcount.com	edge.quantserve.com
1	edge.quantserve.com	www.thenewstribune.com
1	secure-us.imrworldwide.com
1	cd.connatix.com	www.thenewstribune.com
1	static.adsafeprotected.com	www.thenewstribune.com
1	www.mcclatchy-partners.com	www.thenewstribune.com
1	img.connatix.com	www.thenewstribune.com
1	flowerstreatment.com	cmp.osano.com
1	mcclatchy-next-apps-prod.s3.amazonaws.com	www.thenewstribune.com
1	thenewstribune.com	1 redirects
1	www.scr-srvldappz.delfrutto.pe	1 redirects
0	tags.fullcontact.com Failed	www.thenewstribune.com
230	65

This site contains links to these domains. Also see Links.

Domain
subscribe.thenewstribune.com
liveedition.thenewstribune.com
www.legacy.com
myaccount.thenewstribune.com
thenewstribune.newspapers.com
go.mcclatchy.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.bestofpiercecounty.com
tribnet.obituaries.com
placeclassifieds.mcclatchy.com
classifieds.mcclatchy.com
placecelebration.mcclatchy.com
jobs.thenewstribune.com
business.mcclatchy.com
hiring.mcclatchy.com
www.winwithmcclatchy.com
mycheckout.thenewstribune.com
thenewstribune.com
www.tiktok.com
www.mcclatchy.com
my.datasubject.com
account.thenewstribune.com

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-30` - `2024-09-03`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
orchestration.mcclatchy.com R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
flowerstreatment.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
img.connatix.com GTS CA 1P5	`2024-04-04` - `2024-07-03`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
connatix.com GTS CA 1P5	`2024-04-29` - `2024-07-28`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-29` - `2024-12-30`	a year	crt.sh
scissorsstatement.com R3	`2024-04-14` - `2024-07-13`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
www.i.matheranalytics.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-04-26` - `2024-07-25`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.imrworldwide.com GlobalSign RSA OV SSL CA 2018	`2024-01-02` - `2025-02-02`	a year	crt.sh
quantserve.com R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
sdk.iad-05.braze.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.anyword.com Amazon RSA 2048 M01	`2023-06-05` - `2024-07-03`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-11-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
fp.qa.mcclatchy.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
confiant-integrations.net GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2024-01-18` - `2024-12-28`	a year	crt.sh
*.idp.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2024-02-26` - `2025-02-25`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-10-31` - `2024-10-30`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2024-02-29` - `2025-03-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2024-07-10`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
casalemedia.com E1	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.thenewstribune.com/
Frame ID: 86B326981B8773EEE70ADB6C66912FCD
Requests: 170 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 6EA48445E5236D9FBB0FF57699AFB337
Requests: 1 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Frame ID: F1E6B3C34D851F2E1A0143A5F1696316
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/35d9937e-a4cc-410a-aa40-764cc45de6a4
Frame ID: E135B5CFC6B4402A8FD4E2061EDB6391
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/28972e74-e5fb-4972-a4e9-b9566074d276
Frame ID: E84EEDC836045A5178AF309A1C0BE556
Requests: 4 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/b8d5e8f8-b3cc-4506-87ca-68f2069b7af2
Frame ID: 50BF3669E62288D26A38A50C0D2E32FE
Requests: 2 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 91951DE43FD2F229F4DA8D6356876998
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/9a20a31e-20d0-4085-9528-09d62ea922a0
Frame ID: 06A1F27B88E7A85322882E28D8D6920E
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/c223f177-9c1d-46cc-a00a-b506a2cb52fe
Frame ID: 553F84AD83BE18862F13F43377472FC5
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/5b99d4e4-dae2-462d-9ed9-8557e2db1539
Frame ID: ED3A3CC8B813A62CB867AC99CC26C9D6
Requests: 6 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/1862ed7c-235a-4e35-9b83-02e9efb8ef4b
Frame ID: 4B3817700D5D68B98F42584EDD87E322
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/9fc60166-c092-47d5-ae11-864e1be3ca62
Frame ID: BC130AFA792DB09E1CA9F1BF4570D3E9
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.thenewstribune.com/08d664d0-26bd-419b-93f2-4b39c7eb66ac
Frame ID: A3533887A0457DE9804CC3999074C2D8
Requests: 11 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: 6B4C46DFD31C3B0A293363EA259BEC5F
Requests: 1 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1714648045747&loc=https%3A%2F%2Fwww.thenewstribune.com
Frame ID: 75535FDF94AC9348CAAB21FE8C82E24E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---
Frame ID: 425AD1DC21CC45EA48A84E9D411D1789
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---&
Frame ID: D893291234B1EA08FD4C4E2438735E17
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6A3F3D4C9583691F02B102FD754E8DB7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159414&gdpr=1&gdpr_consent=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---
Frame ID: D5A46C05453F4B9E05FE7D42D59F50B3
Requests: 1 HTTP requests in this frame

Frame: https://mcclatchy-d.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---
Frame ID: 5091CFFD09ABC8ADDF28AA682D74F4DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tacoma WA Breaking News, Crime & More | Tacoma News Tribune

Page URL History Show full URLs

https://www.scr-srvldappz.delfrutto.pe/ HTTP 302
https://thenewstribune.com/ HTTP 301
https://www.thenewstribune.com/ Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

230
Requests

79 %
HTTPS

30 %
IPv6

45
Domains

65
Subdomains

62
IPs

5
Countries

5667 kB
Transfer

11174 kB
Size

11
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://subscribe.thenewstribune.com/beinformed
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://liveedition.thenewstribune.com/
Title: Tacoma Now

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/tribnet/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://myaccount.thenewstribune.com/tac_nt/home
Title: Account Management

Search URL Search Domain Scan URL

URL: https://thenewstribune.newspapers.com/
Title: Archives

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tacoma/p/1/
Title: Contact McClatchy Advertising

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tacomanewstribune
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/thenewstribune
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thenewstribune/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TacomaNewsTribune
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.bestofpiercecounty.com/
Title: Best of Pierce County

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/tribnet/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://tribnet.obituaries.com/
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://placeclassifieds.mcclatchy.com/classifieds/tacoma/index.html
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://placeclassifieds.mcclatchy.com/classifieds/tacoma/flow.html?action=jump&_flowId=adportal-classified-flow&categoryName=Recruitment&classificationName=Employment
Title: Post a Job

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/tacoma
Title: Browse Classifieds

Search URL Search Domain Scan URL

URL: https://placecelebration.mcclatchy.com/celebrations/tacoma/index.html
Title: Place an Ad - Celebrations

Search URL Search Domain Scan URL

URL: https://jobs.thenewstribune.com/
Title: Search Jobs

Search URL Search Domain Scan URL

URL: https://business.mcclatchy.com/tacoma
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://hiring.mcclatchy.com/recruitmentproducts
Title: Staffing Solutions

Search URL Search Domain Scan URL

URL: https://www.winwithmcclatchy.com/political-advocacy
Title: Political | Advocacy Advertising

Search URL Search Domain Scan URL

URL: https://mycheckout.thenewstribune.com/subscribe?ofrgp_id=394&g2i_or_o=OnSite&g2i_or_p=MCCtb&cid=top-bar_onsite_0.99-1mo-15.99_202402
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://thenewstribune.com/mobile
Title: Tacoma News Tribune App

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/TacomaNewsTribune

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@thenewstribune/

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/the-news-tribune
Title: About Us

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tacoma/p/1
Title: McClatchy Advertising

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://my.datasubject.com/16A0CuTCdGtXx3A1C/22280
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://mycheckout.thenewstribune.com/subscribe?ofrgp_id=428&g2i_or_o=OnSite&g2i_or_p=Atribit2&cid=modal_homepage_1-1mo-15.99-attribits-lightbox_202311
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://account.thenewstribune.com/auth0
Title: SIGN IN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.scr-srvldappz.delfrutto.pe/ HTTP 302
https://thenewstribune.com/ HTTP 301
https://www.thenewstribune.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://js.matheranalytics.com/s/ma12095/74930801/all/ml.js?cb=1654 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js

Request Chain 123

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

230 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thenewstribune.com/
Redirect Chain

https://www.scr-srvldappz.delfrutto.pe/
https://thenewstribune.com/
https://www.thenewstribune.com/

187 KB
21 KB

234ms
76ms

Document
text/html

23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9345767e78ab3b5ebe1b253ede72b27b2a969fb55fbefa0ca7220beed7876389

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 20497
content-type: text/html;charset=utf-8
date: Thu, 02 May 2024 11:07:20 GMT
etag: W/"2eaf4-QT+CElCetoqJKlOzQSwyWxmTCEw"
expires: Thu, 02 May 2024 11:07:20 GMT
last-modified: Thu, 02 May 2024 11:05:24 GMT
mi-api: WPS
mi-cache: HIT
mi-cache-age: 0
pragma: no-cache
server: MI
server-timing: ak_p; desc="1714648040776_34831257_70187555_2601_9982_37_79_255";dur=1
surrogate-control: varnish=ESI/2.1
vary: Accept-Encoding
x-akamai-transformed: 9 20301 0 pmb=mTOE,4
x-cachebust
x-mi-in-market: 0
x-proxy-forwarding-type: BlackList
x-varnish: 126372004, 169494703 184976081

Redirect headers

Connection: Keep-Alive
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 02 May 2024 11:07:20 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.thenewstribune.com/
Server: Apache

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 130ms
47ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100..900;1,100..900&family=Noto+Serif:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e33790c4c6d5893103a96a4feb3b597173a66b1d9b3a9051071f9e1d5d4487d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 11:07:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 11:07:21 GMT

GET
H2 200 mi-styles.f9c9ce0927dbb2ef777f.css
www.thenewstribune.com/wps/build/webpack/css/ 225 KB
48 KB 100ms
99ms Stylesheet
text/css 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/css/mi-styles.f9c9ce0927dbb2ef777f.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9d3a6b3cee3005d8efeabd6a59491613fd374d92f49290fe5b5d7bc493185ec3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:20 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 11
x-cachebust
server-timing: ak_p; desc="1714648040979_34831257_70187640_1961_10576_37_0_255";dur=1
content-length: 48206
new-varnish: true
last-modified: Tue, 30 Apr 2024 12:25:21 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"3853d-18f2ef77768"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 117559189, 315883769 302192421
content-type: text/css;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596515
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 thenewstribunecore.js Show response
www.thenewstribune.com/bylozis-on/ 137 KB
40 KB 143ms
142ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 87b8dd1e7f0dd57e81214a048970f9c0738783f156c7da38493f217707d2411d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:20 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648040979_34831257_70187641_1964_10616_37_0_219";dur=1
content-length: 40624
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:35 GMT
server: MI
etag: W/"225fb-61766191259c0"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 303863648, 314606794
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=115
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H/1.1 200
OK style.css
mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/ 272 B
665 B 413ms
138ms Stylesheet
text/css 52.217.108.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/style.css
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.108.92 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 11:07:22 GMT
Last-Modified: Wed, 10 May 2023 23:40:01 GMT
Server: AmazonS3
x-amz-request-id: PRCH5VTMQT477F6M
ETag: "2d39810a5e64f8448f15544f86081077"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 272
x-amz-id-2: fIakJFWfP2w/W9U1eWZXwf8Qsueo5ygcHgfVal8aBzrPP33cdR48DIxm1tuOc9yQElK0qyISowg=

GET
H2 200 43bc9909 Show response
www.thenewstribune.com/akam/13/ 26 KB
10 KB 45ms
45ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/13/43bc9909
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c154dfb68876bdcb1d8a1788b850523975612fbeaa321dcac8bf5961a5b37e0b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-cachebust
server-timing: ak_p; desc="1714648041319_34831257_70187956_73_5296_37_0_146";dur=1
content-length: 8779
pragma: no-cache
last-modified: Thu, 22 Feb 2024 19:39:49 GMT
etag: "7bb81cf6d33b2d77f703eaf526c33133887543f50d0dab4b879535d01ec159d0"
stored-attribute-sha-checksum: c154dfb68876bdcb1d8a1788b850523975612fbeaa321dcac8bf5961a5b37e0b
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=21600
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Thu, 02 May 2024 11:07:21 GMT

GET
H2 200 mastheadPage.bundle-e8a9545c6e8ef79b44d2.js Show response
www.thenewstribune.com/wps/build/webpack/ 189 KB
62 KB 164ms
163ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/mastheadPage.bundle-e8a9545c6e8ef79b44d2.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: cef8e444876d82067d1619f07db6cb6fabbea2f7f51c23375785842abf319940

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 12
x-cachebust
server-timing: ak_p; desc="1714648040979_34831257_70187642_3035_10578_37_0_219";dur=1
content-length: 62444
new-varnish: true
last-modified: Tue, 30 Apr 2024 12:25:15 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2f49a-18f2ef75ff8"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 122372748, 301144005 318439529
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596543
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videoLoader.bundle-1305c59ecacd4d2a731d.js Show response
www.thenewstribune.com/wps/build/webpack/ 286 KB
89 KB 79ms
79ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/videoLoader.bundle-1305c59ecacd4d2a731d.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9bb7c384f5040574116f7a27f08cc44dfa3a838fa3198acd6d74abe5382fa5e7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 336
x-cachebust
server-timing: ak_p; desc="1714648041361_34831257_70188004_2817_11966_37_0_146";dur=1
content-length: 90087
last-modified: Tue, 30 Apr 2024 12:25:50 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"479f6-18f2ef7e8b0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 131736146, 640926426 644062736
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596885
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 204 graphql
api.dsp.mcclatchy.com/ Frame 0
0 350ms
142ms Preflight 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type, x-mcc-identity, x-mcc-session
access-control-allow-methods: GET, PATCH, POST, PUT
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
date: Thu, 02 May 2024 11:07:21 GMT
expires: Thu, 02 May 2024 11:07:21 GMT
pragma: no-cache
server-timing: ak_p; desc="1714648041294_388276365_1039371015_8833_14529_38_42_219";dur=1
strict-transport-security: max-age=63072000
vary: Origin

POST
H2 200 graphql Show response
api.dsp.mcclatchy.com/ 66 B
898 B 193ms
193ms Fetch
application/json 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f60413dd2940de49e26d7c52c0b49339c08cf94393b5d6930e7817cd829703ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=63072000
date: Thu, 02 May 2024 11:07:21 GMT
vary: Origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=21, ak_p; desc="1714648041502_388276365_1039371846_13283_12719_38_0_219";dur=1
content-length: 66
expires: Thu, 02 May 2024 11:07:21 GMT

GET
BLOB 200
OK d07780c6-7789-41a4-982b-08406bec2bc9 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d07780c6-7789-41a4-982b-08406bec2bc9
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c121537f660621459c2fad086c9b028cdfc5c38c4eb1e855115b278322c5b29e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 osano.js Show response
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ 175 KB
48 KB 146ms
44ms Script
application/javascript 2600:9000:266e:4c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:4c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b00ad6c5da6cf409fbfac83885cd7c5b117cd3252375ab8b511ccd797229f2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:47:10 GMT
content-encoding: br
via: 1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
age: 55211
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 48653
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 May 2024 19:11:53 GMT
server: CloudFront
etag: "53506f7f8af7729f4f10e615251d6147"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: 0FnQ2gTaUgncCS5NuTnUy7a-th4V0jTkM2jvXboyrGwI6AEk1YGE-g==

GET
BLOB 200
OK acbf72bc-d067-4185-b95a-738fe117ba44 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/acbf72bc-d067-4185-b95a-738fe117ba44
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edb8e87e582af5c3dc16c35d2050ba18ba55372ed957e3c4a44432de85933396

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 vendorBundle.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 87 KB
31 KB 59ms
59ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/vendorBundle.0db969b7e79c4ed7c2c3.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 92b0b6286c1d95f3b0c6e1a65d0b3374dd2d5855b57d18df246fa41b6bf1b6ad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648041136_34831257_70187802_832_12289_37_0_219";dur=1
content-length: 31271
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"15d7b-6176618890580"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 313492441, 6799311
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596525
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 2bbb7375-31cb-4a45-a6f8-f8fb384eb709 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/2bbb7375-31cb-4a45-a6f8-f8fb384eb709
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ca1bebe09e064e74b029916ad8f6d9ebb862a5e4ae16aec225a73288610b3f9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 3f6dba3d-b255-4f39-9ac7-7b2b853804b6 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/3f6dba3d-b255-4f39-9ac7-7b2b853804b6
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3cdbc2fb67355a5bed72a60b784bbb90533a584dc67e9752e3b004eb77155d5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK b8eed3bb-86f3-4602-99c6-1825578f352f Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b8eed3bb-86f3-4602-99c6-1825578f352f
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 299b23d0399e5f27ec39ebeeef468abc442c8b7588d1c7e5ccd1ccc2425c218e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 64131d17-b3ef-4b61-a069-6c1c4aa77c53 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/64131d17-b3ef-4b61-a069-6c1c4aa77c53
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e2879060bff403befc92b267095e223305acdcfbdf68786914d3f3ac00a6e82

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 danelei.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 84 KB
23 KB 83ms
69ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/danelei.0db969b7e79c4ed7c2c3.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/d07780c6-7789-41a4-982b-08406bec2bc9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b95d2d2242abb674a699bb93bfb29c2c0af10a92e8db0ab0f7893896c9734ae1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648041478_34831257_70188104_2070_10783_38_0_146";dur=1
content-length: 22863
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"14fbe-6176618890580"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 152201659, 631470899
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596551
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 escenic.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 188 KB
50 KB 61ms
60ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/escenic.0db969b7e79c4ed7c2c3.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/acbf72bc-d067-4185-b95a-738fe117ba44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 266ae0b8a5f9ca7bde14d62f55e7780b60fcf8fbb660cf40811b210d97ebcd20

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648041557_34831257_70188171_1095_10888_38_0_146";dur=1
content-length: 51096
last-modified: Wed, 01 May 2024 15:25:35 GMT
server: MI
etag: W/"2ee96-61766191259c0"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 179079971, 647073917
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596571
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 netdale.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 43 KB
15 KB 89ms
89ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/netdale.0db969b7e79c4ed7c2c3.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/2bbb7375-31cb-4a45-a6f8-f8fb384eb709
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8bd5fcf747e902c6b84efe2a114ec4a899bb317f20c287c34209495af7d6cd02

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648041616_34831257_70188213_3609_12465_38_0_146";dur=1
content-length: 14494
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"acb3-6176618890580"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 624516145, 162580351
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596546
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 zones.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 77 KB
21 KB 94ms
93ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/zones.0db969b7e79c4ed7c2c3.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/3f6dba3d-b255-4f39-9ac7-7b2b853804b6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4d11f5e962c2ac48c591a4c060a202680f5afe6dedbba3e00b8b9f036793b331

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 11
x-cachebust
server-timing: ak_p; desc="1714648041647_34831257_70188241_1742_10585_38_0_146";dur=1
content-length: 21182
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"13343-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 180389983, 644649856 633435180
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596501
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 nextCustom.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 23 KB
8 KB 95ms
94ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/nextCustom.0db969b7e79c4ed7c2c3.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/b8eed3bb-86f3-4602-99c6-1825578f352f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f9c44215b84841e06dfcf8d2ce96d30562a3334bf71a5a308bce50fda63fd437

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 10
x-cachebust
server-timing: ak_p; desc="1714648041654_34831257_70188242_2355_9328_38_0_146";dur=1
content-length: 8122
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"5c7d-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 310937912 317292705
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596493
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 woldoni.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 21 KB
6 KB 296ms
296ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/woldoni.0db969b7e79c4ed7c2c3.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/64131d17-b3ef-4b61-a069-6c1c4aa77c53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 72467bcf68a6e21f73fd171994eec39087ab6f257c66bc3d957b9924aed99993

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 10
x-cachebust
server-timing: ak_p; desc="1714648041649_34831257_70188243_13882_13756_40_0_146";dur=1
content-length: 5952
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"5480-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 642234661, 177869493 172040991
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596612
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK bcfd7cde-49ba-4360-b184-186295d3f1fb
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/bcfd7cde-49ba-4360-b184-186295d3f1fb
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 modal-v3.0.2.js Show response
www.thenewstribune.com/bylozis-on/js/ 7 KB
3 KB 246ms
246ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/js/modal-v3.0.2.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 14
x-cachebust
server-timing: ak_p; desc="1714648041378_34831257_70188018_18625_12555_38_0_219";dur=1
content-length: 2103
last-modified: Wed, 01 May 2024 15:25:27 GMT
server: MI
etag: W/"1b3d-61766189847c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 179079973 180914357
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596525
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H2 200 graphql Show response
api.dsp.mcclatchy.com/ 125 B
954 B 168ms
168ms Fetch
application/json 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a084cb4687796fe0d8a337abc919d941c9d9b15841988064d984129078b3a548

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=63072000
date: Thu, 02 May 2024 11:07:21 GMT
vary: Origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=21, ak_p; desc="1714648041560_388276365_1039372151_10375_13352_38_0_219";dur=1
content-length: 125
expires: Thu, 02 May 2024 11:07:21 GMT

GET
H2 200 v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz Show response
flowerstreatment.com/ 68 KB
25 KB 168ms
59ms Script
text/javascript 2600:1901:0:7416::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

bc6c1d02b156722d8e6cc1864498d4cb8e71dc6ca87a73b1be531d3075875576

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: zstd
via: 1.1 google
date: Thu, 02 May 2024 11:07:21 GMT
x-datacenter: gce-europe-west1
etag: "4d68737fafc218f90256621c40ee0836464fd14f5c23fe8d619c4d4c9e20a611"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-lbtz
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1205290244
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 logo.svg
www.thenewstribune.com/wps/build/images/newLogos/thenewstribune/ 10 KB
4 KB 61ms
61ms Image
image/svg+xml 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/build/images/newLogos/thenewstribune/logo.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d172d3fa9e3a275a4c24dfa2f6e93f529f8ce5ac88f40cb0b221a4e8da0a0b91

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 6724
x-cachebust
server-timing: ak_p; desc="1714648041647_34831257_70188244_1238_10529_38_0_146";dur=1
content-length: 3725
last-modified: Wed, 24 Apr 2024 05:40:35 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"280d-18f0e9ebc38"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 47614837, 230672816 234594585
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=170903
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 132ms
46ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100..900;1,100..900&family=Noto+Serif:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 20:42:40 GMT
x-content-type-options: nosniff
age: 51881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 May 2025 20:42:40 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
42 KB 75ms
73ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,100..900;1,100..900&family=Noto+Serif:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 21:05:26 GMT
x-content-type-options: nosniff
age: 223315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 21:05:26 GMT

GET
H2 200 PierceCountyVillageSite.JPG
www.thenewstribune.com/latest-news/jfpl7o/picture287939090/alternates/LANDSCAPE_768/ 92 KB
93 KB 54ms
53ms Image
image/jpeg 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/jfpl7o/picture287939090/alternates/LANDSCAPE_768/PierceCountyVillageSite.JPG
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1ae4d301d98fce40b10e39afa3eb683bbfb7818606cd21bcbb3641ef2c5996a6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 461
x-cachebust
server-timing: ak_p; desc="1714648041741_34831257_70188307_63_10021_40_0_146";dur=1
content-length: 94269
last-modified: Tue, 23 Apr 2024 21:23:57 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "322f172fae61e4601ac5f8aee0333aaa"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 4433840 2891875
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=532750
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 IMG_4622%20(1).jpeg
www.thenewstribune.com/latest-news/i2mcbh/picture288064455/alternates/LANDSCAPE_768/ 53 KB
54 KB 68ms
68ms Image
image/jpeg 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/i2mcbh/picture288064455/alternates/LANDSCAPE_768/IMG_4622%20(1).jpeg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3a0766e1f88afd34ad646382743f4d9bf00df6c653be17b858abfc2a92948a80

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 300
x-cachebust
server-timing: ak_p; desc="1714648041741_34831257_70188308_44_10184_40_0_146";dur=1
content-length: 54386
last-modified: Fri, 26 Apr 2024 23:15:58 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "c3925036ffe1f3f65236370d7b757dfc"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 72103135, 568475141 576914329
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=521989
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Rainier%20Beer%20Odyssey%20Marlene%20Still.png
www.thenewstribune.com/latest-news/3jy22r/picture288166790/alternates/LANDSCAPE_768/ 766 KB
767 KB 124ms
124ms Image
image/png 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/3jy22r/picture288166790/alternates/LANDSCAPE_768/Rainier%20Beer%20Odyssey%20Marlene%20Still.png
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 523a329ca36afccf4db0b70763b86bc5efa3ffac6e514a74f7765f0309c04ea4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 101
x-cachebust
server-timing: ak_p; desc="1714648041741_34831257_70188309_54_10198_40_0_146";dur=1
content-length: 784616
new-varnish: true
last-modified: Wed, 01 May 2024 14:53:48 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "e742375e0f9928c532849fddd22e9e29"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 5046326, 451446885 443789083
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=532085
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 1_th.jpg
img.connatix.com/36e80a7b-404c-487e-ab45-22907099abf2/ 153 KB
154 KB 145ms
61ms Image
image/jpeg 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.connatix.com/36e80a7b-404c-487e-ab45-22907099abf2/1_th.jpg

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a53f78fb49a39dd034e0e798a3a6f4187ecc9dde2a5929a5df84d847c8c543

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 156686
cf-resized: internal=ok/h q=0 n=21+0 c=15+359 v=2024.4.0 l=156686
last-modified: Mon, 29 Apr 2024 22:34:29 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf5Yq3MU5HERC2IeckHdt8CDmssZ7-Tzt04sSdBa-5DQ:243bea8dc64878e929a66d5b8d91088b"
vary: Accept, Accept-Encoding
warning: cf-images 299 "original is 91864B smaller"
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 87d78c156b356a73-TXL
access-control-allow-headers: range
priority: u=1;i=?0,cf-chb=(195;u=4;i=?0 57585;u=5;i 101027;u=6;i=?0)

GET
H2 200 240425%20bh%20Food%20bank%20shortage%2070.jpg
www.thenewstribune.com/latest-news/ky91uh/picture288029450/alternates/LANDSCAPE_768/ 61 KB
61 KB 171ms
169ms Image
image/jpeg 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/ky91uh/picture288029450/alternates/LANDSCAPE_768/240425%20bh%20Food%20bank%20shortage%2070.jpg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d513ee15141ebc5165f94559c27585c8a11c6e95545374a3ab59b6ec2cfb7b5d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648041753_34831257_70188313_69_9549_40_0_219";dur=1
content-length: 62420
new-varnish: true
last-modified: Thu, 25 Apr 2024 22:53:36 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "986a867e928bba4b62d903b74188b1ea"
mi-cache: MISS
access-control-max-age: 86400
x-varnish: 523403460, 447165038
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=524355
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 220627%20cb%20gig%20harbor%20garden%20tour_04.JPG
www.thenewstribune.com/latest-news/z1lgda/picture262936928/alternates/LANDSCAPE_768/ 33 KB
33 KB 175ms
173ms Image
image/jpeg 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/z1lgda/picture262936928/alternates/LANDSCAPE_768/220627%20cb%20gig%20harbor%20garden%20tour_04.JPG
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 246f50b59a7426dbb5910cfe0785110ae6df50cdaed539b90d30bd894e3998a5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 276
x-cachebust
server-timing: ak_p; desc="1714648041753_34831257_70188314_75_9477_40_0_146";dur=1
content-length: 33708
new-varnish: true
last-modified: Mon, 27 Jun 2022 20:15:24 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "bb84220436821c08d40aa6ea5db86a3e"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 503514598 508166459
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=521918
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 benston%20landing%20house%20example.jpeg
www.thenewstribune.com/latest-news/b2ivn8/picture288162655/alternates/LANDSCAPE_768/ 59 KB
59 KB 145ms
144ms Image
image/jpeg 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/b2ivn8/picture288162655/alternates/LANDSCAPE_768/benston%20landing%20house%20example.jpeg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e5e3f2c1c7c18f6d483573a11a8e1e58250c7617e675208082bc5a65577cc159

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2495
x-cachebust
server-timing: ak_p; desc="1714648041753_34831257_70188317_78_9669_40_0_219";dur=1
content-length: 60324
last-modified: Tue, 30 Apr 2024 21:07:50 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "0c12604cf2bd8af92762df89732deeaf"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 520785872, 38699403 27394853
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=473173
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 bbc3b184-9031-48ae-a776-b6225052063d
www.mcclatchy-wires.com/incoming/u47ujw/picture288223645/alternates/LANDSCAPE_768/ 35 KB
35 KB 317ms
98ms Image
image/jpeg 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/u47ujw/picture288223645/alternates/LANDSCAPE_768/bbc3b184-9031-48ae-a776-b6225052063d
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: efa35cadd3d526fb32e70148ec1c145dda43cde286d0bc4e94adfc31470dfcc8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 328
x-cachebust
server-timing: ak_p; desc="1714648041962_34831257_70188481_3179_11761_38_0_146";dur=1
content-length: 35454
last-modified: Thu, 02 May 2024 10:54:44 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "f2495b698160f1cd0dd483a29d9d84e9"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 183371653, 642758599 639325767
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604467
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 2d628413-ed80-44d3-af8e-d1206931fc0e
www.mcclatchy-wires.com/incoming/cslpth/picture288218425/alternates/LANDSCAPE_768/ 2 MB
2 MB 289ms
70ms Image
image/png 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/cslpth/picture288218425/alternates/LANDSCAPE_768/2d628413-ed80-44d3-af8e-d1206931fc0e
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 43768da895b936155a74478241510dc3498e10d0087889a5874b0382f45abc23

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1119
x-cachebust
server-timing: ak_p; desc="1714648041962_34831257_70188480_217_11855_38_0_146";dur=1
content-length: 2215820
last-modified: Thu, 02 May 2024 04:20:15 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "3e661df96b1d77b56701a1ffd207492a"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 165619946 174948646
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=581533
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 a7d826d0-cf37-427b-bf19-2992e4a9fb1_fitted%20(1).jpeg
www.mcclatchy-partners.com/incoming/udb1vc/picture287268415/alternates/LANDSCAPE_768/ 43 KB
44 KB 286ms
77ms Image
image/jpeg 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-partners.com/incoming/udb1vc/picture287268415/alternates/LANDSCAPE_768/a7d826d0-cf37-427b-bf19-2992e4a9fb1_fitted%20(1).jpeg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 900bc17f4833e66506b5c6eb81b411b978b7e3bebab10640beda1eda7088f9db

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 307
x-cachebust
server-timing: ak_p; desc="1714648041950_34831257_70188466_1444_11982_38_0_146";dur=1
content-length: 44374
last-modified: Mon, 01 Apr 2024 12:34:08 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "6f27a30c2c795c97b83ac435023e1e1d"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 334216665 344231488
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=122709
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 220517%20pc%20over%20the%20moon_2.JPG
www.thenewstribune.com/latest-news/rril4d/picture261651057/alternates/LANDSCAPE_768/ 34 KB
34 KB 176ms
176ms Image
image/jpeg 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/rril4d/picture261651057/alternates/LANDSCAPE_768/220517%20pc%20over%20the%20moon_2.JPG
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 12a91fa17092aea6371efed1458da78cb91c1250696704fad984996be5a24e15

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3405
x-cachebust
server-timing: ak_p; desc="1714648041757_34831257_70188318_546_13096_40_0_146";dur=1
content-length: 34596
new-varnish: true
last-modified: Fri, 20 May 2022 20:45:33 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "148edb3882be132cda94be04cc419fb1"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 265424620 214443108
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=474000
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 /
cmp.osano.com/ Frame 6EA4 0
0 565ms
85ms Document
text/html 52.85.158.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.158.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-158-7.ath50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 71531
alt-svc: h3=":443"; ma=86400
content-encoding: gzip
content-type: text/html
date: Wed, 01 May 2024 15:15:12 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 ebeaa16e70379b3496daf7e832347e92.cloudfront.net (CloudFront)
x-amz-cf-id: XlSXVgQWIN95AbAG7oomfoa4xHW5jKMe2A6Sdnp1rV32F7hb2PkgmA==
x-amz-cf-pop: ATH50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 de.json
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ Frame 0
0 506ms
418ms Preflight 2600:9000:266e:4c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/de.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:4c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 02 May 2024 11:07:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 64c8688da1fd73389eb91af90ae83792.cloudfront.net (CloudFront)
x-amz-cf-id: KCRRIRlbIdpcA9yCItnoTrVIZWzF3dlOhLS_34ac9MvkIzX251rfbw==
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 osano-ui.js Show response
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ 101 KB
25 KB 46ms
46ms Script
application/javascript 2600:9000:266e:4c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:4c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9f4c6e80303359c900ced647be01f45d2a6f995fd5935eac640769ff009ace52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 19:12:23 GMT
x-amz-version-id: XS5hfOfiaoHc1Q4dog4lTdUKOCeKrfDu
content-encoding: br
x-content-type-options: nosniff
via: 1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
age: 57299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 May 2024 19:11:49 GMT
server: AmazonS3
etag: W/"d44944ae1445282c380312f02974e453"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: umij3ByFxuNish-ZBu8aPvlCkO83QRmKOQzkUhFCKLgykKl81oFBsg==

GET
H3 200 de.json Show response
cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/ 31 KB
10 KB 161ms
161ms XHR
application/json 52.85.158.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

52.85.158.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-158-91.ath50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e16763a0552a1cadd3c2225e18ff241a47c1e95e001eae3e6abc682e96ee3744

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Thu, 02 May 2024 01:57:58 GMT
x-content-type-options: nosniff
x-amz-version-id: l6lrVBpxCc9JgWfZ0.hljtAY4FIQ.hKt
content-encoding: br
via: 1.1 ebeaa16e70379b3496daf7e832347e92.cloudfront.net (CloudFront)
x-amz-cf-pop: ATH50-C1
x-amz-server-side-encryption: AES256
age: 32965
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 May 2024 19:11:49 GMT
server: AmazonS3
etag: W/"b4bd683b93fbd2241af81a911cc41c73"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, no-transform, public
vary: Accept-Encoding
x-amz-cf-id: OesTnGxgjNNrq8s7YaW9sMityDCUI_E5gfAfCvCGpupJH_oE1z-DOQ==

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 5d8c7962-e16e-456c-b44d-b7f4fb861fb7 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/5d8c7962-e16e-456c-b44d-b7f4fb861fb7
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e53e87e8c3bb1f83de4d7bc760d5ba841bad1595beffd15610a45140acc1f850

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 6891a692-c82b-4e7e-a73c-b401a6bc4cad Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/6891a692-c82b-4e7e-a73c-b401a6bc4cad
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f4bfaeaf071f2a6cbe8cafb02a1eab6858575afb89659c7b991ffb148ed90b3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

POST
H2 200 graphql Show response
api.dsp.mcclatchy.com/ 40 B
868 B 225ms
223ms Fetch
application/json 2a02:26f0:3500:18::1724:a28d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dsp.mcclatchy.com/graphql

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:18::1724:a28d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e52d6545c56454039b04d25947d5ca42b73803b408ea865affc8b91fb27efb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=63072000
date: Thu, 02 May 2024 11:07:21 GMT
vary: Origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server-timing: cdn-cache; desc=MISS, edge; dur=140, origin; dur=16, ak_p; desc="1714648041806_388276365_1039373323_16729_11343_38_0_219";dur=1
content-length: 40
expires: Thu, 02 May 2024 11:07:21 GMT

GET
BLOB 200
OK 401cec4b-e975-4114-a8b2-44e50c7aca1e
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/401cec4b-e975-4114-a8b2-44e50c7aca1e
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 suggestedContent.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 15 KB
5 KB 118ms
118ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/suggestedContent.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e64faa6b31ccabef6314122f574b8a7359229da1c9df4f0739a3b12aefcf9767

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 362
x-cachebust
server-timing: ak_p; desc="1714648041805_34831257_70188343_2025_9945_42_0_146";dur=1
content-length: 4993
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"3cb6-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 305992159 309724926
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596844
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 domkut.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 7 KB
3 KB 118ms
118ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/domkut.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 443d4712023350c84b387ad8b58d6b4b8296b64243e08b4ed0ea3f60121c741c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 15
x-cachebust
server-timing: ak_p; desc="1714648041816_34831257_70188354_923_11121_42_0_146";dur=1
content-length: 2413
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"1c64-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 179246899 181502088
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596580
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 400b7700-ab65-4c1f-95b1-e19f19436832 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/400b7700-ab65-4c1f-95b1-e19f19436832
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f736f13014bee238f93fe8d921f6aad403db0ab84ab2c71563c66e0720213fad

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK adaf74ad-87b5-495a-86d9-e2b4b023740a Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/adaf74ad-87b5-495a-86d9-e2b4b023740a
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cd1cbd90afd468d519c72075d1816205843f3c654d1b3a3d3968f6802969c38

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 8887f08e-3392-4933-adc2-9bdcd01fa1fe Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/8887f08e-3392-4933-adc2-9bdcd01fa1fe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 421a2faa1be177751a391f5446f23692f55aa0d998d3c6919ef6f5679c030faa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 naeliya.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 8 KB
3 KB 93ms
92ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/naeliya.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3d436e3d55dc0a983b927c5f703efa9813d4fda57fe329a5e2552922b985951b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648041853_34831257_70188377_4035_10646_38_0_146";dur=1
content-length: 2708
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"2179-6176618890580"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 175051541, 641549663
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596557
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videoLoader.bundle-1305c59ecacd4d2a731d.js Show response
www.thenewstribune.com/wps/build/webpack/ 286 KB
0 0ms
0ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/webpack/videoLoader.bundle-1305c59ecacd4d2a731d.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9bb7c384f5040574116f7a27f08cc44dfa3a838fa3198acd6d74abe5382fa5e7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 336
x-cachebust
server-timing: ak_p; desc="1714648041361_34831257_70188004_2817_11966_37_0_146";dur=1
content-length: 90087
last-modified: Tue, 30 Apr 2024 12:25:50 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"479f6-18f2ef7e8b0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 131736146, 640926426 644062736
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596885
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 233ms
233ms Fetch
application/json 54.149.37.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/escenic.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.37.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-37-245.us-west-2.compute.amazonaws.com

Software

Resource Hash

9442f777b8d9ac935eeb2d83790aceb4b7c29f6e5b64d577b66069aca5d50daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-663373ea-2efe91e62048b07b1bf964a0
content-length: 94

GET
H2 200 sponsored.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 5 KB
2 KB 106ms
106ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/sponsored.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2028dc7432b6a70e68a6e62e130a39ccb303d29eab5026b78ea163228cf5233d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648041865_34831257_70188383_4916_9335_38_0_146";dur=1
content-length: 2026
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"15a3-6176618890580"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 647073928, 179865399
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596447
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 647ms
210ms Preflight 54.149.37.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.37.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-37-245.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Thu, 02 May 2024 11:07:22 GMT
strict-transport-security: max-age=15768000

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
480 B 134ms
36ms Image
image/gif 2600:9000:20ab:de00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adunitid=hljkl&adnum=5243850
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 05:24:56 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 3ab47e7bb911be04b665845f18319950.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 20546
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: N96tkiLG7YOQHk2W-XVc8Oi6savn-9c0SM1z7NwOYslAXqnpclubdA==

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
439 B 750ms
218ms Fetch
application/json 44.228.37.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=102aba18-1abd-424a-b37b-a1a914fa9bdc&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.37.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-37-53.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

233451371f7890075850b66808b4dac8ac46a1d8a5bebbbb440114fb9191f234

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-663373eb-6ff0ba2f2b500397351af11f
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
438 B 310ms
310ms Fetch
application/json 44.228.37.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=102aba18-1abd-424a-b37b-a1a914fa9bdc&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.37.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-37-53.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

233451371f7890075850b66808b4dac8ac46a1d8a5bebbbb440114fb9191f234

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-663373ea-011bf7ea174f8ca70d25277b
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 191 B
439 B 530ms
220ms Fetch
application/json 44.228.37.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=102aba18-1abd-424a-b37b-a1a914fa9bdc&user_id=&get_amp_props=true&get_cohort_ids=true

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.37.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-37-53.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

233451371f7890075850b66808b4dac8ac46a1d8a5bebbbb440114fb9191f234

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-663373ea-33511ecd231138f35094588a
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 642ms
208ms Preflight 44.228.37.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=102aba18-1abd-424a-b37b-a1a914fa9bdc&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.37.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-37-53.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Thu, 02 May 2024 11:07:22 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-663373ea-5d415b4e3dadfac402880ae2
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 640ms
207ms Preflight 44.228.37.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=102aba18-1abd-424a-b37b-a1a914fa9bdc&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.37.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-37-53.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Thu, 02 May 2024 11:07:22 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-663373ea-251fa62d7f5685eb7b226136
x-content-type-options: nosniff

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 641ms
208ms Preflight 44.228.37.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=102aba18-1abd-424a-b37b-a1a914fa9bdc&user_id=&get_amp_props=true&get_cohort_ids=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.37.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-37-53.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Thu, 02 May 2024 11:07:22 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-663373ea-62fdffdf3d786a4f6d96f354
x-content-type-options: nosniff

GET
H3 200 connatix.player.js Show response
cd.connatix.com/ Frame F1E6 2 KB
1006 B 108ms
49ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d318a29d490d804ac9f45e464a4c0fd658d44bf30417001c1719313f3a316278

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:21 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 87d78c164f39452e-TXL
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 60080d93-653d-4e17-8bd9-714c5be6f73d Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/60080d93-653d-4e17-8bd9-714c5be6f73d
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fdf3306a6d2db48646ad7c15779d3bc944208073a9904090af533c5a9639f17

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 62b8c2f8-7f1c-4e32-81f6-2b79667606ca Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/62b8c2f8-7f1c-4e32-81f6-2b79667606ca
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b86cdf2629fc724878a4dd3fef7fbff2ac95555bfb0faa9401f27c789dbfe12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 173ms
43ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1913
cache-control: no-store
content-length: 0
date: Thu, 02 May 2024 11:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-66336c70-4364069d32dff1562263edde
x-cache: HIT
x-cache-hits: 70
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648042.090019,VS0,VE0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 173ms
44ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1913
cache-control: no-store
content-length: 0
date: Thu, 02 May 2024 11:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-66336c70-4364069d32dff1562263edde
x-cache: HIT
x-cache-hits: 72
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648042.090535,VS0,VE0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 172ms
43ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1913
cache-control: no-store
content-length: 0
date: Thu, 02 May 2024 11:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-66336c70-4364069d32dff1562263edde
x-cache: HIT
x-cache-hits: 70
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648042.090012,VS0,VE0

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
107 B 395ms
40ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/woldoni.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjEwMmFiYTE4LTFhYmQtNDI0YS1iMzdiLWExYTkxNGZhOWJkYyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDI0LTA1LTAyIn19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648042.491565,VS0,VE1
x-amzn-trace-id: Root=1-663373ea-4acbdcb265737827150ee59e
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
134 B 739ms
40ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/woldoni.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjEwMmFiYTE4LTFhYmQtNDI0YS1iMzdiLWExYTkxNGZhOWJkYyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDI0LTA1LTAyIn19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648043.836304,VS0,VE0
x-amzn-trace-id: Root=1-663373ea-4acbdcb265737827150ee59e
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
190 B 355ms
354ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/woldoni.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjEwMmFiYTE4LTFhYmQtNDI0YS1iMzdiLWExYTkxNGZhOWJkYyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDI0LTA1LTAyIn19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 42
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648042.143292,VS0,VE307
x-amzn-trace-id: Root=1-663373ea-4acbdcb265737827150ee59e
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
BLOB 200
OK a698acfe-4c1c-461d-80cc-bf9a73e2f7f8 Show response
https://www.thenewstribune.com/ 266 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a698acfe-4c1c-461d-80cc-bf9a73e2f7f8
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d573d1127bf81686fdd5544b6a35b6b58046ff02287ff7221de39498aa612da

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 266
Content-Type: text/javascript

GET
BLOB 200
OK 50d82701-3ae4-41f1-8d2a-f215a28dab04 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/50d82701-3ae4-41f1-8d2a-f215a28dab04
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32d6e2dbea16096854d67cecc0749023f5eedf087210b39a86e5f08d90e2dd1c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 652e4f1b-3d4c-4fb0-a062-fc5c1246f4bb Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/652e4f1b-3d4c-4fb0-a062-fc5c1246f4bb
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec73a03ddfb93ac643177e88d38d4060665abfa35517953b9cd8101218354ee7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 1deeaf7e-f9c7-4813-a049-e888063abcfe Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1deeaf7e-f9c7-4813-a049-e888063abcfe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a28c8285cf359ff4ef1ad357b2480770784260346e16532b55b29b64865d9415

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
H2 200 performance.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 14 KB
5 KB 188ms
188ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/performance.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c8269e438637b4fc760ddd4501e2aeaa4d158a288a0d6a1583ffe1a14896459d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 9
x-cachebust
server-timing: ak_p; desc="1714648041995_34831257_70188491_9817_12745_45_0_146";dur=1
content-length: 4787
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"39be-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 314803222, 145857 344485
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596578
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 quarantine.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 30 KB
11 KB 173ms
173ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/quarantine.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 7ec6628ca649036348da6c1cc9db9489ac669d70a10c70d9a7a3898be0b68a92

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 9
x-cachebust
server-timing: ak_p; desc="1714648041987_34831257_70188492_2997_11226_38_0_146";dur=1
content-length: 10304
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"77e0-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 315654477 313983861
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596444
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 footerBundle.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 3 KB
1 KB 173ms
173ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/footerBundle.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 69b2f599e26d08288df4c17f87c5d0bde04b4cb1b764c5cd91f22b06247280a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648041992_34831257_70188493_2609_12359_38_0_146";dur=1
content-length: 885
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"a75-6176618890580"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 644717583, 179079977
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596568
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 miFooter.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 12 KB
4 KB 174ms
174ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/miFooter.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2ea1c8e03601f5a205b41afd29f99c70bb4afb010d85c35bda6d7bf206106a6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648041978_34831257_70188494_2647_10567_38_0_146";dur=1
content-length: 3865
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"2f4d-6176618890580"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 175712170, 645762370
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=596584
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 45503ed2-bb7b-419d-b6d9-4c81a8842f5b Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/45503ed2-bb7b-419d-b6d9-4c81a8842f5b
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a317eb36ea9f699f2c2889330638ae052905ef507c589138d4336d6e223bd12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H3 200 elLoader.js Show response
cds.connatix.com/p/476885/ Frame F1E6 3 KB
2 KB 72ms
54ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/476885/elLoader.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8640da585b9aa84c676fc0f3ed814d2080edb80afb3f96d8ec243ccc970e84b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
x-amz-version-id: Gl58ZCLSVxWlmCjibm2uNY_gRRRwvIQK
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 May 2024 12:40:32 GMT
server: cloudflare
etag: W/"f4f4c2b7a02ca457b4781b73e7280520"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 87d78c16b849452e-TXL
access-control-allow-headers: range
expires: Fri, 02 May 2025 11:07:22 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
95 B 698ms
302ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/woldoni.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjEwMmFiYTE4LTFhYmQtNDI0YS1iMzdiLWExYTkxNGZhOWJkYyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiIyNGhhcmQtcGF5d2FsbC1leHBlcmltZW50IiwiZGF0ZSI6IjIwMjQtMDUtMDIifX0=
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyIyNGhhcmQtcGF5d2FsbC1leHBlcmltZW50Il0=
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 2
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648043.532240,VS0,VE263
x-amzn-trace-id: Root=1-663373ea-3fffec025f9956951b59679e
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 111ms
43ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-flag-keys,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
age: 1913
cache-control: no-store
content-length: 0
date: Thu, 02 May 2024 11:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-66336c70-4364069d32dff1562263edde
x-cache: HIT
x-cache-hits: 71
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648042.090146,VS0,VE0

GET
H3 200 connatix.player.dc.js Show response
cds.connatix.com/p/476885/ Frame F1E6 482 KB
136 KB 64ms
64ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/476885/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/476885/elLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8527bd74842ff05938bd4dd0c4b59fbd26ec32110a79471cd4b10d59409911ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
x-amz-version-id: pDfmAZb28dpOGIq62Djf0fS4GsmVtsak
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 May 2024 12:40:32 GMT
server: cloudflare
etag: W/"0d663eb13eb37aaebcd0038374311c63"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 87d78c171922452e-TXL
access-control-allow-headers: range
expires: Fri, 02 May 2025 11:07:22 GMT

POST
H2 200 f78cca44a71c65804b91fc002ab70944025c6cbab6 Show response
scissorsstatement.com/create/6f8fe88385/ 303 B
821 B 168ms
57ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/create/6f8fe88385/f78cca44a71c65804b91fc002ab70944025c6cbab6

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

bd2d49932c691b72fe6b0ecf521ed7eb328dd895be92127a950c26318099f896

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 02 May 2024 11:07:22 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
x-hostname: fen-hoothoot-europe-west1-lbtz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 02 May 2024 11:07:21 GMT

GET
BLOB 200
OK 35d9937e-a4cc-410a-aa40-764cc45de6a4 Show response
https://www.thenewstribune.com/ Frame E135 466 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/35d9937e-a4cc-410a-aa40-764cc45de6a4
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 466
Content-Type: text/javascript

GET
BLOB 200
OK 28972e74-e5fb-4972-a4e9-b9566074d276 Show response
https://www.thenewstribune.com/ Frame E84E 555 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/28972e74-e5fb-4972-a4e9-b9566074d276
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e862bf1e216f81d079dc802b0dae8313937d4857175abb0f4706ec8f8f07cdc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 555
Content-Type: text/javascript

GET
BLOB 200
OK b8d5e8f8-b3cc-4506-87ca-68f2069b7af2 Show response
https://www.thenewstribune.com/ Frame 50BF 590 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/b8d5e8f8-b3cc-4506-87ca-68f2069b7af2
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 590
Content-Type: text/javascript

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 22 B
158 B 743ms
41ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/woldoni.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjEwMmFiYTE4LTFhYmQtNDI0YS1iMzdiLWExYTkxNGZhOWJkYyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJ1c2FnZSIsImRhdGUiOiIyMDI0LTA1LTAyIn19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ1c2FnZSJd
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: HIT
content-length: 42
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648043.876885,VS0,VE0
x-amzn-trace-id: Root=1-663373ea-4acbdcb265737827150ee59e
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 3

GET
BLOB 200
OK a6613f07-1036-4350-9a5f-9b0256165491 Show response
https://www.thenewstribune.com/ 382 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/a6613f07-1036-4350-9a5f-9b0256165491
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 589d11bbdbb3c6e65b9c737bde980cff7168c8482006bbf8e976945defaca3fb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 382
Content-Type: [object object]

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame E135 4 KB
2 KB 136ms
41ms Script
application/javascript 108.138.7.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/35d9937e-a4cc-410a-aa40-764cc45de6a4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-125.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:15:04 GMT
content-encoding: gzip
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 37780
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xTeVV-0MFHpCEyzXToUcU6cWPPhu5ngvYGEnhYcWWVXJ_2ZkOakYXw==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/11/ Frame E84E
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930801/all/ml.js?cb=1654
https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js

148 KB
43 KB

39ms
39ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8856cb0a8fb9615673fae7be84a0bac4128660b2eac4492c648dd38e19746bd8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 01 May 2024 18:35:38 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 17 Nov 2023 15:14:59 GMT
server: nginx
age: 59504
etag: "7c7b83c1a7aee9d99fa9f7b5fa2e2f6c"
vary: Accept-Encoding
x-cache: HIT Fri, 17 Nov 2023 15:29:13 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43804

Redirect headers

date: Thu, 02 May 2024 11:07:22 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/11/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 0-gc-europe-west6-8j341034

GET fullcontact.js
tags.fullcontact.com/anon/ Frame 50BF 0
0

GET
H2 200 pdp.gif
www.thenewstribune.com/bylozis-on/ 42 B
470 B 463ms
463ms Image
image/gif 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/bylozis-on/pdp.gif?k=eyJpZCI6Im1pX3RpX3RudF8xMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGNfMTcxNDY0ODA0MTgzMl8xNzE0NjQ4MDQxODE3IiwiZG9tSW50ZXJhY3RpdmUiOjM5NDMsInJlcXVlc3RTdGFydCI6MzA1NX0=
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 8186
x-cachebust
server-timing: ak_p; desc="1714648042211_34831257_70188746_37686_12791_42_0_146";dur=1
content-length: 42
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: "2a-6176618890580"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 312575438, 6471317 8300125
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86400
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 aab4c8ce58372cb5c4abdf1544aa05065f612b34645d143f5c8f Show response
scissorsstatement.com/ 3 B
75 B 53ms
52ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/aab4c8ce58372cb5c4abdf1544aa05065f612b34645d143f5c8f

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2fnb2AI392SRgTGMK1fjeEnugWK7uqXHL7oHGZAZL5vdKfN5zLouHbUz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Thu, 02 May 2024 11:07:22 GMT
via: 1.1 google
x-buildnumber: 1205290244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
x-hostname: fen-hoothoot-europe-west1-lbtz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Thu, 02 May 2024 11:07:21 GMT

POST
H2 200 pixel_43bc9909 Show response
www.thenewstribune.com/akam/13/ 0
816 B 52ms
52ms XHR
text/html 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/akam/13/pixel_43bc9909
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/akam/13/43bc9909
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
x-cachebust
server-timing: ak_p; desc="1714648042329_34831257_70188856_305_7690_42_0_219";dur=1
access-control-allow-headers: *
content-length: 0
expires: Thu, 02 May 2024 11:07:22 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame E135 0
224 B 39ms
39ms Image
text/plain 108.138.7.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1714648042317&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.thenewstribune.com%2F&c8=Tacoma%20WA%20Breaking%20News%2C%20Crime%20%26%20More%20%7C%20Tacoma%20News%20Tribune&c9=https%3A%2F%2Fwww.thenewstribune.com%2F
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-125.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:22 GMT
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: ErvYaysxrkhcnh51XALx_rKVlludV16JLrT0-750kuoYHvhx1Fs20g==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame E84E 43 B
245 B 626ms
117ms Image
image/gif 54.224.102.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&hier=_HomePage&ptype=homepage&pubname=The%20News%20Tribune&sec=Homepage&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=de-DE&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=11&tvcfg=all&tid=7e8b1ce5-d66d-4f96-a373-892978dc0b0d&pid=a078609f-3095-4b2e-80a3-b7a3d25b7be9&dtm=1714648042570&qnm=_matherq&visible=1&tabid=7a5587fc-af1c-47ee-9b2c-edd4e4f1db97&refr=https%3A%2F%2Fwww.thenewstribune.com%2F&url=https%3A%2F%2Fwww.thenewstribune.com%2F&vrefr=https%3A%2F%2Fwww.thenewstribune.com%2F&vp=0x0&ds=0x0&tofa=1714648043&vid=1&lvidt=1714648043&duid=bfa9566c-f20b-4dac-bc55-8c7f8435a06b&fp=1187562409&cid=ma12095&mrk=74930801&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcxNDY0ODAzNzc4NyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNy45NzM3NjdtYiIsImhlYXBUIjoiMjYuNTAyMzA3bWIiLCJmc3RQYWludCI6IjM4ODAiLCJmZXRjaFMiOiIyODk0IiwiZG9tYWluUyI6IjI5MzMiLCJkb21haW5FIjoiMjkzMyIsImNvbm5TIjoiMjkzMyIsImNvbm5FIjoiMzA1NCIsInNzbFMiOiIyOTc2IiwicmVxdVMiOiIzMDU0IiwicmVzcFMiOiIzMTMwIiwicmVzcEUiOiIzMTQxIiwiZG9tTG9hZCI6IjMxMzQiLCJkb21JbnRlciI6IjM5NDMiLCJkb21Mb2FkUyI6IjM5NzciLCJkb21Mb2FkRSI6IjM5NzkifX0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.102.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-102-229.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Thu, 02 May 2024 11:07:23 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 /
cmp.osano.com/ Frame 9195 0
0 0ms
0ms Document
text/html 52.85.158.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.158.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-158-7.ath50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 71531
alt-svc: h3=":443"; ma=86400
content-encoding: gzip
content-type: text/html
date: Wed, 01 May 2024 15:15:12 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 ebeaa16e70379b3496daf7e832347e92.cloudfront.net (CloudFront)
x-amz-cf-id: XlSXVgQWIN95AbAG7oomfoa4xHW5jKMe2A6Sdnp1rV32F7hb2PkgmA==
x-amz-cf-pop: ATH50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 4237f861-da3d-4e47-bc76-808e220cc2de Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/4237f861-da3d-4e47-bc76-808e220cc2de
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf8afeae1dceeae46193da68f95406a032cc6f8f19775f3a811aabc46f36eff3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK fc02b03e-c76c-4031-916c-1f7afe92a09e Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/fc02b03e-c76c-4031-916c-1f7afe92a09e
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4e7aa32fc31c8002b5cc2db4e7106ac090478441dffa01b36451f54fda83680

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK f176283d-9b25-45a3-96d8-962c404e3c20 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/f176283d-9b25-45a3-96d8-962c404e3c20
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 312b9102cbc04d986c3894c9109b880c00f415e8e87e1646c96edb3a881354da

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 62ecf1e1-7cfe-404b-8c43-6362bb4dd0a2 Show response
https://www.thenewstribune.com/ 354 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/62ecf1e1-7cfe-404b-8c43-6362bb4dd0a2
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3600a4f3cb38184c7ad77fc3b129b40666856e9791d2b575ac63452e0ce416da

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 354
Content-Type: [object object]

GET
BLOB 200
OK 9a20a31e-20d0-4085-9528-09d62ea922a0 Show response
https://www.thenewstribune.com/ Frame 06A1 594 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/9a20a31e-20d0-4085-9528-09d62ea922a0
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aa53b6f5be7864f11e29318a7c9c7fd8969bbfd381c39adf480b793ac73af56

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 594
Content-Type: text/javascript

GET
BLOB 200
OK c223f177-9c1d-46cc-a00a-b506a2cb52fe Show response
https://www.thenewstribune.com/ Frame 553F 512 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/c223f177-9c1d-46cc-a00a-b506a2cb52fe
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aeefaae7e90680816ec89d5a80f2e8e9f07ef6a56a1d66fa2f8dc07a8a92b820

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 512
Content-Type: text/javascript

GET
BLOB 200
OK 5b99d4e4-dae2-462d-9ed9-8557e2db1539 Show response
https://www.thenewstribune.com/ Frame ED3A 724 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/5b99d4e4-dae2-462d-9ed9-8557e2db1539
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eefee06bdc64fa60ef5e0752071498970f1f5a8d76832bffe09b4f6ce5e1767

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 724
Content-Type: text/javascript

GET
BLOB 200
OK 1862ed7c-235a-4e35-9b83-02e9efb8ef4b Show response
https://www.thenewstribune.com/ Frame 4B38 510 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1862ed7c-235a-4e35-9b83-02e9efb8ef4b
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d722b262f280460d6f3092516abf3ad852bf0f5082e9a9727470be6e8dfef07b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 510
Content-Type: text/javascript

GET
BLOB 200
OK 9fc60166-c092-47d5-ae11-864e1be3ca62 Show response
https://www.thenewstribune.com/ Frame BC13 464 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/9fc60166-c092-47d5-ae11-864e1be3ca62
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6e4be20312e2b84c81275836c74764a61075c14fc7c58073c778e61efd19428

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 464
Content-Type: text/javascript

GET
BLOB 200
OK 08d664d0-26bd-419b-93f2-4b39c7eb66ac Show response
https://www.thenewstribune.com/ Frame A353 893 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/08d664d0-26bd-419b-93f2-4b39c7eb66ac
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33560c1b3cdb0f0066d12bc667eaffaeadae008628e5d945d8e8758c0d7859a2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 893
Content-Type: text/javascript

GET
H2 200 pageLoad.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 4 KB
2 KB 63ms
61ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/pageLoad.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e421f99080a6b360c6aa740d7370b9edc1bed7486dd68bd05ad1f4fe6e821df8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 623
x-cachebust
server-timing: ak_p; desc="1714648043038_34831257_70189467_774_10307_42_0_146";dur=1
content-length: 1568
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"f0c-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 317128980, 310053702 305141062
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597183
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 hanealneh.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 173 KB
48 KB 63ms
61ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/hanealneh.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 07e8578f77ebfb48f789ec516d7ca30961c9f483fdac695c3fc3e54ecf408917

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 596
x-cachebust
server-timing: ak_p; desc="1714648043038_34831257_70189468_882_10273_42_0_146";dur=1
content-length: 48855
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"2b522-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 296361492, 6212652 7361815
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597043
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 chatbot.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 5 KB
2 KB 428ms
426ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/chatbot.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 08712c19859f7f0982bdec2bf49d255524d293aabb60829e27596cda98cec96c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 7764
x-cachebust
server-timing: ak_p; desc="1714648043038_34831257_70189469_37502_10314_39_0_146";dur=1
content-length: 1891
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"1257-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 641525118 644163953
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 193 B
434 B 215ms
215ms Fetch
application/json 44.228.37.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=102aba18-1abd-424a-b37b-a1a914fa9bdc&user_id=&comp_id=apflrqef

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.37.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-37-53.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

841b376b295a344c5818c66213a1b95600055a200f527ac2e233d9fa81a9f869

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.54.v20240208)
x-amzn-trace-id: Root=1-663373eb-3298d34166b9f86267196f64
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 374 B
415 B 217ms
217ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/woldoni.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

096d737de4e9d2ccaf1e6b46be90c8d4cc8e5186e13eb2a0d3936509c3512040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsInZpc2l0X251bWJlciI6MSwiYnJhemVfdXNlcl9hbGlhcyI6IjEwMmFiYTE4LTFhYmQtNDI0YS1iMzdiLWExYTkxNGZhOWJkYyIsImRldmljZV9wbW9kZSI6IjAiLCJkZXZpY2Vfb3JpZW50YXRpb24iOiJ1bnN1cHBvcnRlZCIsImRldmljZV9zY3JlZW5fc2l6ZSI6IjE2MDB4MTIwMCIsImRldmljZV90eXBlIjoib3RoZXIiLCJsb2dnZWRfaW4iOmZhbHNlLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZmxhZ19rZXkiOiJzb3BoaS10ZXN0LWdyb3VwLXRpZXItMiIsImRhdGUiOiIyMDI0LTA1LTAyIn19
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJzb3BoaS10ZXN0LWdyb3VwLXRpZXItMiJd
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 260
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648043.044648,VS0,VE177
x-amzn-trace-id: Root=1-663373eb-5f7ce91d7e5bd34515b3ef99
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pdp.gif
www.thenewstribune.com/bylozis-on/ 42 B
450 B 489ms
487ms Image
image/gif 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/bylozis-on/pdp.gif?k=eyJpZCI6Im1pX3RpX3RudF8xMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGNfMTcxNDY0ODA0MTgzMl8xNzE0NjQ4MDQxODE3IiwibG9hZEV2ZW50U3RhcnQiOjQ4NDJ9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 8184
x-cachebust
server-timing: ak_p; desc="1714648043051_34831257_70189479_43220_9783_39_0_146";dur=1
content-length: 42
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: "2a-6176618890580"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 647438382 647693270
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=86400
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 favicon-32.png
www.thenewstribune.com/wps/build/images/thenewstribune/ 411 B
869 B 67ms
64ms Other
image/png 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/wps/build/images/thenewstribune/favicon-32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a1a850fd1774ef1f9ad3314570b39867b72669a78e9dc00c7dbae09e3e81a010

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 401502
x-cachebust
server-timing: ak_p; desc="1714648043056_34831257_70189478_681_12795_42_0_219";dur=1
content-length: 411
last-modified: Tue, 23 Apr 2024 05:07:53 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"19b-18f095a7028"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 61901068, 323519988 51646730
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=284138
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 06A1 33 KB
34 KB 133ms
38ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?24
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/9a20a31e-20d0-4085-9528-09d62ea922a0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:17:59 GMT
via: 1.1 google
age: 2964
x-guploader-uploadid: ABPtcPrCw_CKN-0lK7Hoon1S-92lBNfaXUz8JGvYotrYsMlfNyEqQVeShbG79zekO5bPUeYXkwptlMMGjQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34224
last-modified: Tue, 19 Mar 2024 18:01:29 GMT
server: UploadServer
etag: "c7830e91e4be8c5d23ef468e43d3397d"
x-goog-generation: 1710871289439515
x-goog-hash: crc32c=HinCJA==, md5=x4MOkeS+jF0j70aOQ9M5fQ==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34224
accept-ranges: bytes

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/ Frame 553F
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
8 KB

40ms
40ms

Script
application/javascript

2600:9000:266e:a00:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Protocol: H2
Server: 2600:9000:266e:a00:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 02 May 2024 03:41:09 GMT
content-encoding: gzip
via: 1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 27591
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=259200,public
x-amz-cf-id: 5e8ZATzaS1Ix_0hkr8KuHyOBWkiE0xfoCpZwxIOLscc1maTM5y7zbA==

Redirect headers

date: Thu, 02 May 2024 11:07:17 GMT
via: 1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 7
x-cache: Hit from cloudfront
location: /dist/analytics-1.5.12.min.js
content-length: 0
x-amz-cf-id: va-QLgVYdYlPl370xA_I_otmVElkngjzG934YavuqQO0IsAKLd6Q5A==

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ Frame ED3A 18 KB
7 KB 229ms
130ms Script
text/javascript 3.121.4.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/5b99d4e4-dae2-462d-9ed9-8557e2db1539
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.4.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-4-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 64b0c917f1c05d48abb72d836a571da26673e6cc26e4b6ba1faca85789c7f46d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 02 May 2024 11:07:23 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 m
secure-us.imrworldwide.com/cgi-bin/ Frame 4B38 44 B
425 B 344ms
55ms Image
image/gif 54.170.62.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.thenewstribune.com/&rp=&ts=compact&rnd=1714648043028
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.62.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-62-78.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:23 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ Frame BC13 23 KB
9 KB 155ms
45ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/9fc60166-c092-47d5-ae11-864e1be3ca62
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 09 May 2024 11:07:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame A353 202 KB
73 KB 158ms
70ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Requested by

Host: www.thenewstribune.com
URL: blob:https://www.thenewstribune.com/08d664d0-26bd-419b-93f2-4b39c7eb66ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a52a88a2f21c8e7b21c78398fb9b2bf9e34ac7d04d976033aba28f8931e3f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74189
x-xss-protection: 0
last-modified: Thu, 02 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 May 2024 11:07:23 GMT

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 209ms
208ms Preflight 44.228.37.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=102aba18-1abd-424a-b37b-a1a914fa9bdc&user_id=&comp_id=apflrqef

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.37.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-37-53.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.54.v20240208) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1800
date: Thu, 02 May 2024 11:07:23 GMT
server: Jetty(9.4.54.v20240208)
vary: Origin
x-amzn-trace-id: Root=1-663373eb-52fd66f96c69cc76140b3868
x-content-type-options: nosniff

GET
H2 200 homepage.json Show response
www.thenewstribune.com/static/hi/zones/ 1 KB
1 KB 426ms
426ms Fetch
application/json 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/static/hi/zones/homepage.json
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/zones.0db969b7e79c4ed7c2c3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4a5bca6580a6caf83f9bf95c31541f90aa9114f80798948c82736d141c0d2e66

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 274
x-cachebust
server-timing: ak_p; desc="1714648043049_34831257_70189480_37062_11194_39_0_219";dur=1
content-length: 420
last-modified: Mon, 08 Apr 2024 16:14:23 GMT
server: MI
etag: W/"53b-61598193e75c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 392889122, 394791660 393451862
content-type: application/json
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=289
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 200 /
sdk.iad-05.braze.com/api/v3/data/ Frame 0
0 494ms
273ms Preflight 2606:4700:4400::ac40:965f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-last-req-ms-ago,x-braze-req-attempt,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 87d78c1ed8299a39-FRA
content-encoding: gzip
date: Thu, 02 May 2024 11:07:23 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 564 B
651 B 643ms
642ms XHR
application/json 2606:4700:4400::ac40:965f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/hanealneh.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26b311640fb08f25649988a13944fc8a708b4df6eee15ef5d2b20802b7b8d36b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key: 83d75cce-ff55-432f-b0b6-78b7ba1ad6a8
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Last-Req-Ms-Ago: 7200000
Referer: https://www.thenewstribune.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9;q=0.9
X-Braze-Req-Attempt: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 07179c3f-16e8-4ec5-a395-1978108aff75
x-runtime: 0.368746
server: cloudflare
etag: W/"26b311640fb08f25649988a13944fc8a"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1714648047
access-control-max-age: 7200
x-ratelimit-limit: 500.0
cf-ray: 87d78c209a439a39-FRA
x-ratelimit-remaining: 445.0

GET
H2 200 webpush_desktop_en.svg Show response
www.thenewstribune.com/bylozis-on/messaging/ 62 KB
24 KB 79ms
79ms XHR
image/svg+xml 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/messaging/webpush_desktop_en.svg
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0bb3754e5ea2f7bc2ee48c5dd9511630fd8440667c48040c7f7b1ae2cbec4d55

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 136
x-cachebust
server-timing: ak_p; desc="1714648043114_34831257_70189549_837_10412_40_0_219";dur=1
content-length: 23970
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: "f802-6176618890580"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 271202944, 6998357 3293877
content-type: image/svg+xml
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597143
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 favicon-196.png
www.thenewstribune.com/wps/build/images/thenewstribune/ 1 KB
2 KB 49ms
49ms Image
image/png 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/wps/build/images/thenewstribune/favicon-196.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: df966430d36d0f9a0c25cb72a40a5f24a4c82d3eebb4a9f51ad563d328487eaf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 233216
x-cachebust
server-timing: ak_p; desc="1714648043199_34831257_70189611_32_10561_39_0_146";dur=1
content-length: 1104
last-modified: Wed, 24 Apr 2024 05:40:35 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"450-18f0e9ebc38"
mi-cache: MISS
access-control-max-age: 86400
x-varnish: 53598850, 137013824
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=326979
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ Frame BC13 1 KB
1 KB 168ms
39ms Script
application/javascript 2600:9000:223c:d800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:20:01 GMT
content-encoding: gzip
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:15:13 GMT
server: AmazonS3
etag: W/"52f4ba3839d01c1dbb310f6ef96bde89"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: LRG4apR6wE9yUxX-V1RUv5GhrF9OOCQzRRcjqtC_pg8rdlrN07vqFQ==

GET
H2 200 3010.js Show response
cdn.keywee.co/config/ Frame 553F 233 B
571 B 40ms
38ms Script
application/javascript 2600:9000:266e:a00:e:ec66:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/3010.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:a00:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f3013245f4ee591e331364ee5044664a65048925168bfee28037bb16082f5b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 10:10:54 GMT
via: 1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
last-modified: Fri, 25 Feb 2022 21:45:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 3390
etag: "81210c02155f33808ec1fb7ec890dfee"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
content-length: 233
x-amz-cf-id: zJcOkol6Lg09zreYR5kYjZF6KicHisefQB6dZm1pOy0PQlj0WLH1nQ==

GET
H2 200 htlbid.css
htlbid.com/v3/thenewstribune.com/ 3 KB
694 B 568ms
479ms Stylesheet
text/css 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thenewstribune.com/htlbid.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-encoding: br
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 14:27:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"6079441ba3e393b1ed99fc06f4fd2fea"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: f-V3vxzDm4UNvRyJ4MoczySSVReVbBiuBMMJ2YP3tyZ_A6gJkVtPGw==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/thenewstribune.com/ 521 KB
136 KB 528ms
439ms Script
application/javascript 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36e7e3945b082b2a41bc9408f0f5d4dc4ae33d7850001ad8758987a1b1e72919

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-encoding: br
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified: Fri, 08 Mar 2024 14:27:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"5310fa3751bd419ab931f69f0fca9cee"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: Jq1u_Hw0yXCveJWg08lgTQxw9ALsuF2p0F1VSrlj-KJb9j8xv5-pLg==

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 225ms
224ms Fetch
application/json 54.149.37.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/escenic.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.37.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-37-245.us-west-2.compute.amazonaws.com

Software

Resource Hash

32bd4e40ff1ffa1a2006c57a04c624c0f34d5d8fdc105ea0fe3f91769d17e316

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-663373eb-663230d36176974132ba28a5
content-length: 94

GET
H2 200 sa.css
tags.srv.stackadapt.com/ Frame ED3A 65 B
203 B 130ms
129ms Stylesheet
text/css 3.121.4.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.4.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-4-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c993d05bb60da456288d4de69e2b187b8505fc17491f670dff7014aaf98030c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 02 May 2024 11:07:23 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ Frame ED3A 0
2 KB 204ms
129ms Fetch
image/jpeg 3.121.4.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.4.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-4-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 02 May 2024 11:07:23 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame A353 266 KB
93 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WMTZ88VSK5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ac0860b77d9b48c62ab343e834ce949f5b98c27fcb85128cd85c8a3a93fdfd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94930
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 May 2024 11:07:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A353 52 KB
21 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48278079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 May 2024 09:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5180
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 02 May 2024 11:41:03 GMT

GET
BLOB 200
OK e02f8f6d-76df-4505-a7c5-f64d2c668978 Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/e02f8f6d-76df-4505-a7c5-f64d2c668978
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d2c5fea6101695a0b14830ddfdd0dd8ea1d3309db1d68dd665cd9f04b86f369

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK d069b573-098f-48a2-9b6a-ba63070d1c99 Show response
https://www.thenewstribune.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/d069b573-098f-48a2-9b6a-ba63070d1c99
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5b0d679af7853ecdb4f52ca4833c02a0b87624f92a5c487388bda1c06aa5e58

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame A353 2 B
212 B 45ms
45ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1797441965&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&dr=&dp=%2F&dh=www.thenewstribune.com&ul=de-de&de=UTF-8&dt=Home%3AHomepage&sd=24-bit&sr=1600x1200&vp=&je=0&_u=aEBAAUABAAAAACgDIC~&jid=1584409453&gjid=1679106599&cid=2064030659.1714648043&tid=UA-48278079-1&_gid=1194678525.1714648043&_r=1&gtm=457e44t0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&cg1=The%20News%20Tribune&cg2=Homepage&cd1=TNT&cd2=The%20News%20Tribune&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd6=Homepage&cd7=Product%3A%20Escenic&cd8=&cd9=&cd10=&cd13=&cd14=&cd15=&npa=1&z=1544520260

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ Frame A353 0
259 B 139ms
53ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WMTZ88VSK5&_ng=1&gtm=45je44t0v9134454662za200&_p=1714648043029&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=2064030659.1714648043&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&dl=https%3A%2F%2Fwww.thenewstribune.com%2F&dp=%2F&dr=&dt=Home%3AHomepage&sid=1714648043&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.content_group1=The%20News%20Tribune&ep.content_group2=Homepage&ep.dimension1=TNT&ep.dimension2=The%20News%20Tribune&ep.dimension3=Home&ep.dimension4=_HomePage%7C%7C%7C%7C&ep.dimension6=Homepage&ep.dimension7=Product%3A%20Escenic&ep.dimension8=&ep.dimension9=&ep.dimension10=&ep.dimension13=&ep.dimension14=&ep.dimension15=&ep.page_hostname=www.thenewstribune.com&tfd=497
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMTZ88VSK5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame A353 0
47 B 140ms
48ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-WMTZ88VSK5&cid=2064030659.1714648043&gtm=45je44t0v9134454662za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMTZ88VSK5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame A353 42 B
63 B 115ms
66ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-WMTZ88VSK5&cid=2064030659.1714648043&gtm=45je44t0v9134454662za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1588408966

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 5 KB
2 KB 207ms
207ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/woldoni.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

78316d0dee827a39ff1fc9b0b1ba86f6ac0807211281af153943faa61f3ccdb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImJyYXplX3VzZXJfYWxpYXMiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfcG1vZGUiOiIwIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiIxNjAweDEyMDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjQuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3Q0X2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImRhdGUiOiIyMDI0LTA1LTAyIn19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 2092
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648043.498370,VS0,VE168
x-amzn-trace-id: Root=1-663373eb-1d7be8ad708b342d43f246a4
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 230ms
230ms Fetch
application/json 54.149.37.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/escenic.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.37.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-37-245.us-west-2.compute.amazonaws.com

Software

Resource Hash

76a2b3f9a2fbe5578d0c7843efc5432bf37a96d85e9346943796648489188678

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-663373eb-716aa9460a22faa27cf59148
content-length: 94

GET
H2 200 parsely.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 5 KB
2 KB 76ms
75ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/parsely.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2d9cf3156fe0b513822e66fa845a4b16376e0df84e264931a2b42b2b7a9c44fc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 504
x-cachebust
server-timing: ak_p; desc="1714648043496_34831257_70189855_1865_10241_39_0_146";dur=1
content-length: 1860
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"13f3-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 315458458, 3680004 6212250
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597079
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 tehi.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 6 KB
3 KB 77ms
77ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/tehi.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1ab7de4d6166c51fa9eb83ed2ec5f2eaadb30ffdae864fdf8fb8adbbc8473151

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 629
x-cachebust
server-timing: ak_p; desc="1714648043508_34831257_70189864_848_10289_39_0_146";dur=1
content-length: 2290
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"189d-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 312149633, 2831609 6729685
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597212
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 29 B
144 B 418ms
214ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/woldoni.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImJyYXplX3VzZXJfYWxpYXMiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfcG1vZGUiOiIwIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiIxNjAweDEyMDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjQuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3Q0X2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImZsYWdfa2V5Ijoiem9uZS1jb250ZW50IiwiZGF0ZSI6IjIwMjQtMDUtMDIifX0=
Referer: https://www.thenewstribune.com/
X-Amp-Exp-Flag-Keys: WyJ6b25lLWNvbnRlbnQiXQ==
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 49
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648044.706912,VS0,VE173
x-amzn-trace-id: Root=1-663373eb-79c86fea48829ffb5d82344b
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 258ms
53ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=2196236

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 18:56:18 GMT
server: ws
etag: "65414dd2-24b8"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9400

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ Frame ED3A 238 B
437 B 135ms
135ms XHR
text/plain 3.121.4.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=XDbR9bgzYgamKCe5q8YQuw,%20hXFHelqg_0qGLqDaoIkgLQ,%20GHZN9LleKWz0uNsDtvQTcQ&is_js=true&landing_url=https%3A%2F%2Fwww.thenewstribune.com%2F&t=sapx&tip=zKb4m1iESKup_X1X4jy3-0CP-Cr8Z9TlFdnVcBeZNkI&host=https%3A%2F%2Fwww.thenewstribune.com&sa_conv_data_css_value=%270-fc4db73a-0950-5d55-6a04-d08348f972c5%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9fc4db73a09505d556a04d08348f972c550ff077b&sa-user-id-v3=s%253AAQAKIOGvX5qiC6aG6CufUTogd2SzCPNxg9X5TZJCyIJcfFrnEHwYBCDr582xBjABOgS9M-cxQgSUlmpP.nh5kf12leXkQKiosBSbJ4VUjS9UEMJKtmCNNkk8DXII&sa-user-id-v2=s%253A_E23OglQXVVqBNCDSPlyxVD_B3s.z9tH0XI%252FYeCtZvTP4yx9fxKprRBTMxm%252Fa3YHz0heKfo&sa-user-id=s%253A0-fc4db73a-0950-5d55-6a04-d08348f972c5.Sf8R2Xf6qwbjKtAdkL9ABcLPVFK4aQ4MwqDhv9adrqs
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.4.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-4-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68b8e71982e93fa7dd2f406283c640fa9e5cb2bcae72669d20f54012c428da3d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.thenewstribune.com
date: Thu, 02 May 2024 11:07:23 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 238
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame A353 4 B
354 B 97ms
47ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48278079-1&cid=2064030659.1714648043&jid=1584409453&gjid=1679106599&_gid=1194678525.1714648043&npa=1&_u=aEBAAUAAAAAAACgDIC~&z=1141059580

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 May 2024 11:07:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 1341570e-b86a-444d-93c8-b2b9f1d05332 Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1341570e-b86a-444d-93c8-b2b9f1d05332
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 494ffae017f684ef38ac5aea993427f0feafdef216c80d5ea65407a2c60b642a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H3 200 ga-audiences
www.google.com/ads/ Frame A353 42 B
63 B 145ms
63ms Image
image/gif 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48278079-1&cid=2064030659.1714648043&jid=1584409453&npa=1&_u=aEBAAUAAAAAAACgDIC~&z=1509778163

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ Frame A353 42 B
63 B 64ms
63ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48278079-1&cid=2064030659.1714648043&jid=1584409453&npa=1&_u=aEBAAUAAAAAAACgDIC~&z=1509778163

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UNYVLaWM15tnda5MIRXl Show response
fp.qa.mcclatchy.com/web/v3/ 141 KB
50 KB 480ms
244ms Script
text/javascript 15.197.142.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.qa.mcclatchy.com/web/v3/UNYVLaWM15tnda5MIRXl

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.142.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a46b405d1b15c420e.awsglobalaccelerator.com

Software

awselb/2.0 /

Resource Hash

44158bd2cc9e8b8702ac8c204cba0eea4b1895d210dcd0d32c44552eeb374d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: awselb/2.0
etag: W/"gR1di2fhQmFOKx2XOJMCR/HR+5k"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3700, s-maxage=620626
cross-origin-resource-policy: cross-origin
x-robots-tag: noindex
timing-allow-origin: *
content-length: 51252

GET
BLOB 200
OK 9ed00be1-c982-4d6a-92a1-664a4ec3031d Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/9ed00be1-c982-4d6a-92a1-664a4ec3031d
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ad715f9b8af691020c2ad5a312a31ac88aa2f0feb5b5ec50ab72f1bf1c0fb87

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 24829d29-e88d-4310-99cd-f0dc10f4e94f Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/24829d29-e88d-4310-99cd-f0dc10f4e94f
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b711808fd4356948e0020a4ca8ae6a08b37d1c45701008da7637c2e8985ab9f1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 iterate.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 2 KB
1 KB 402ms
402ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/iterate.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c082c30d1f6a7bc9b03f8aea62866ef749cd23eda840d648de96a8f20b6b8ea6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 496
x-cachebust
server-timing: ak_p; desc="1714648043714_34831257_70190064_10368_10344_39_0_146";dur=1
content-length: 1056
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"6d1-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 164838308 157805404
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597175
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 talidgo.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 22 KB
7 KB 507ms
506ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/talidgo.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bedd1197a3191552c44d7f454444bc732e231f805254e532f433e9d1361ebf13

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
x-cachebust
server-timing: ak_p; desc="1714648043726_34831257_70190073_33737_11320_39_0_146";dur=1
content-length: 6905
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"57ee-6176618890580"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 314083010, 4271509
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597117
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/ 341 KB
120 KB 100ms
100ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/2196236/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

df3327d0aab9599e0caaadab0d7158401dcc904ccc26c4d9d279c59106862b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 194ms
80ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb20f6b9f8a85c2b64c6fc615a3d0c910721a4ac4439e5f90a3fa29204cd56e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30346
x-xss-protection: 0
server: cafe
etag: 37 / 19845 / m202404250101 / config-hash: 10567807231611976523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 May 2024 11:07:24 GMT

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 176 KB
39 KB 119ms
54ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d00b3428f55e66e952b416d83d14e8aeeb10fb9ca6b3ad671fd7ce2b4625b140

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 May 2024 10:35:30 GMT
server: cloudflare
x-amz-request-id: 0G3AS5TWZPKWNSPJ
age: 672
etag: W/"4180d4cec5bf559867257eea618b8987"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 87d78c22bfa66a73-TXL
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 19YiiaCxeMkuw8Nm4/HN9zHxhmdaVOOGfSckwJNWaE2BOc/19CbUqCdt+fcDinxFRes0tN9a19E=

GET
BLOB 200
OK ea30c843-233b-46e7-99d2-a4ad60987e2a
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/ea30c843-233b-46e7-99d2-a4ad60987e2a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202403121239/ 284 KB
87 KB 74ms
74ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202403121239/wrap.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b914de15dd75628895223bfe09012e3687598bca4dbaa34a97234f6a8826e9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Mar 2024 16:41:24 GMT
server: cloudflare
x-amz-request-id: CPJR14Z5CG7ZM7M5
age: 2475166
etag: W/"c1e08625d829bb0007d3c12ed83ad1cb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 87d78c23a9e96a73-TXL
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0bu1vOgzNBrUbDNho7nKYyx8geL7W1Pn2xCzWyDvb+7MXjZDeUIBbKvHKEBFoOuJUN7X3piXjuU=

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/ 7 KB
2 KB 298ms
112ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/2196236/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

c073b660c35f54f8d5dabdf1bbc7914fbdc02680a6bab2ca243cf0b6ae12eed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 02 May 2024 11:08:24 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/ 2 KB
1 KB 234ms
56ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/2196236/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

557996eaa6e26b810e77bb52a12d6231a95cb3a774ffaafffff7daf8befcdf31

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Thu, 02 May 2024 11:08:24 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404250101/ 450 KB
140 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404250101/pubads_impl.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e84579046013ee288fc4ea3698f886f1c6d2e83df294eb851283c12e63b5ef33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143517
x-xss-protection: 0
server: cafe
etag: 15418045017249816870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 02 May 2025 11:07:03 GMT

GET
BLOB 200
OK 30f173ce-b648-4e50-83e4-014c7f7649eb
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/30f173ce-b648-4e50-83e4-014c7f7649eb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 33fe2425-4cde-4b59-871a-57ca82f4aab2
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/33fe2425-4cde-4b59-871a-57ca82f4aab2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.35.2-release_1268240202/ 40 KB
13 KB 199ms
39ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.35.2-release_1268240202/ui-framework.js?version=10.35.2-release_1268240202
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 01:04:41 GMT
content-encoding: br
age: 468163
x-guploader-uploadid: ABPtcPqyKrl3n4XvA4uOj-1SdCbjs9YUOgvbyX28eiZV8As1Iik1VAYf_KBtj8Qs93Ccl-adM3CFGHbcrQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12475
last-modified: Sat, 27 Apr 2024 00:47:33 GMT
server: UploadServer
etag: W/"0dfc7fa7d2051d776d5937b7a3a7c4dd"
vary: Accept-Encoding
x-goog-generation: 1714178853637563
x-goog-hash: crc32c=wefPQw==, md5=Dfx/p9IFHXdtWTe3o6fE3Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 40455
accept-ranges: none
content-type: application/javascript

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.35.2-release_1268240202/ 8 KB
3 KB 206ms
46ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.35.2-release_1268240202/surveylogicinstance.min.js?version=10.35.2-release_1268240202
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:44:27 GMT
content-encoding: br
age: 184977
x-guploader-uploadid: ABPtcPrAwBV8_nVsBQS9T0o5d2sPFCes4nLQFSzqZwnZo-sPykmbhTCaXGm5DlT-_5Ty_tZMgkHhTW5Aeg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2373
last-modified: Sat, 27 Apr 2024 00:47:33 GMT
server: UploadServer
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary: Accept-Encoding
x-goog-generation: 1714178853614570
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 7866
accept-ranges: none
content-type: application/javascript

GET
H2 200 nR Show response
fp.qa.mcclatchy.com/itf-mm/4FWyC/LwrCCn/ 92 B
442 B 129ms
129ms XHR
text/plain 15.197.142.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.qa.mcclatchy.com/itf-mm/4FWyC/LwrCCn/nR?q=UNYVLaWM15tnda5MIRXl

Requested by

Host: fp.qa.mcclatchy.com
URL: https://fp.qa.mcclatchy.com/web/v3/UNYVLaWM15tnda5MIRXl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.142.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a46b405d1b15c420e.awsglobalaccelerator.com

Software

Resource Hash

4605f7132dfb8faa48b11b5181f51233bfaab7610a95c736ae7fdad9c0bfb272

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 92

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/11/www.thenewstribune.com/ 24 KB
3 KB 564ms
442ms Fetch
application/json 2600:9000:223e:c00:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.thenewstribune.com/.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e0abcf22aa7ff8f89d75c84a565f0efff6e13df0e0a2e2a7f8c03ca7360745c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 02 May 2024 11:07:25 GMT
content-encoding: gzip
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2208
x-amz-expiration: expiry-date="Tue, 02 Jul 2024 00:00:00 GMT", rule-id="cleanup"
last-modified: Thu, 02 May 2024 11:06:30 GMT
server: AmazonS3
etag: "11a3df9ae4303bda21addb3ab41a805b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Iw9d3KAcd9DDE1ckqGYs7vInfkPq96reVroRppyD0_q82_tAPs6b6Q==

GET
H2 200 thenewstribune.json Show response
www.thenewstribune.com/bylozis-on/data/datawall/ 126 B
898 B 212ms
209ms XHR
application/json 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/data/datawall/thenewstribune.json
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 817875cd68037c353805b105c90fbf96f433f0f26d2d5acbe408eecbe5f7e0ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 193
x-cachebust
server-timing: ak_p; desc="1714648044431_34831257_70190783_14578_9779_40_0_219";dur=1
content-length: 124
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:27 GMT
server: MI
etag: W/"7e-61766189847c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 311592562, 3680021 3650165
content-type: application/json
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=178
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 markup3s_v4.html Show response
www.thenewstribune.com/bylozis-on/data/datawall/ 27 KB
5 KB 254ms
252ms XHR
text/html 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/data/datawall/markup3s_v4.html
Requested by: Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9a5e1bdbea96f3c5d3c726b22fe2950b290fb6725acfdfc73a2c5a863a018a8a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 829
x-cachebust
server-timing: ak_p; desc="1714648044431_34831257_70190784_16664_9582_40_0_219";dur=1
content-length: 4531
server: MI
etag: W/"6d11-61766189847c0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
x-varnish: 180098248, 633625266 641355652
vary: Accept-Encoding
access-control-allow-credentials: false
cache-control: max-age=180
mi-cache: HIT
access-control-allow-headers: *

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 3 KB
719 B 292ms
290ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/woldoni.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3024e1cde4afb5400a7f7ffeefd0ff060ca22f64ffd0fab049d738af349f5fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-Amp-Exp-User: eyJkZXZpY2VfaWQiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwibGFuZ3VhZ2UiOiJkZS1ERSIsImxpYnJhcnkiOiJ5ei1leHAtY2xpZW50LzEuMCIsIm9zIjoiQ2hyb21lIDEyNCIsInBsYXRmb3JtIjoiV2ViIiwidXNlcl9pZCI6IiIsInVzZXJfcHJvcGVydGllcyI6eyJidXNpbmVzc191bml0IjoiVE5UIiwiY2Fub25pY2FsX3VybCI6Imh0dHBzOi8vd3d3LnRoZW5ld3N0cmlidW5lLmNvbS8iLCJjbXNfaWQiOiJIb21lcGFnZTo3MTAxIiwiY29udGVudF9zZXJ2aWNlIjoiUHJvZHVjdDogRXNjZW5pYyIsImZ1bGxfdXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImhhc19mb2N1cyI6InllcyIsImlmcmFtZV9uZXN0aW5nIjoidG9wIiwicGFnZV9sZXZlbCI6IkhvbWUiLCJwYWdlX25hbWUiOiJIb21lOkhvbWVwYWdlIiwicGFnZV9wYXRoIjoiLyIsInB1YmxpY2F0aW9uX25hbWUiOiJUaGUgTmV3cyBUcmlidW5lIiwicmVmZXJyaW5nX2hvc3QiOiJub19yZWZlcnJlciIsInNka19pbml0X3N0YXR1cyI6InN0b3JhZ2UiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudGhlbmV3c3RyaWJ1bmUuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudGhlbmV3c3RyaWJ1bmUuY29tLyIsImJyYXplX3VzZXJfYWxpYXMiOiIxMDJhYmExOC0xYWJkLTQyNGEtYjM3Yi1hMWE5MTRmYTliZGMiLCJkZXZpY2VfcG1vZGUiOiIwIiwiZGV2aWNlX29yaWVudGF0aW9uIjoidW5zdXBwb3J0ZWQiLCJkZXZpY2Vfc2NyZWVuX3NpemUiOiIxNjAweDEyMDAiLCJkZXZpY2VfdHlwZSI6Im90aGVyIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjQuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInNvcGhpX3Rlc3RzIjpbeyJ0ZXN0SWQiOiJwdzphcnRpY2xlOnRlc3Q0X2FiYyIsInRlc3RHcm91cCI6InZhcmlhbnQifV0sImRhdGUiOiIyMDI0LTA1LTAyIn19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Authorization: Api-Key client-WXkdEms1kcNV81IeB1qqTRJToktXL0r2
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 602
x-served-by: cache-fra-etou8220122-FRA
x-timer: S1714648044.410042,VS0,VE251
x-amzn-trace-id: Root=1-663373ec-04aea4df2be32bef7340c306
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lp-origin-trial.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/ 476 B
727 B 42ms
41ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/lp-origin-trial.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e091d8f5f42fece940cc4faa3b8386a10753364193e3dfaf706bf2a188b3ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:30:56 GMT
age: 185788
x-guploader-uploadid: ABPtcPqqxU2S_Y2eJFu177c5L7F3t0UmUqW-Pn333PvaHIN29dtoFvesC5TcmCRh28dw-9cPRSeW6KgK5A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
last-modified: Sat, 13 Apr 2024 00:58:12 GMT
server: UploadServer
etag: "7d44c520c37ffbd0eac5c4b3d3e63049"
x-goog-generation: 1712969892032062
x-goog-hash: crc32c=4nqNBQ==, md5=fUTFIMN/+9DqxcSz0+YwSQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 476
accept-ranges: bytes
content-type: application/javascript

GET
BLOB 200
OK 1ff5ccc3-ac56-4176-88ea-8729efe696ef
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/1ff5ccc3-ac56-4176-88ea-8729efe696ef
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.35.2-release_1268240202/ 1 MB
253 KB 43ms
43ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.35.2-release_1268240202/desktopEmbedded.js?version=10.35.2-release_1268240202
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4fbdeb90501ff8ef441a031acd1d3cbfb57ce5cc07bbe7dedcd1abe21dafc0b7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 02:10:22 GMT
content-encoding: br
age: 464222
x-guploader-uploadid: ABPtcPqoLCZ-Y78FsNWUYCTb8YZv0G25XDtanGZf_tOSERyf5pIWFWLbFHZ-CW_Gk5StAjuPVJXOMsW71g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259067
last-modified: Sat, 27 Apr 2024 00:47:33 GMT
server: UploadServer
etag: W/"a580aeb41033679b7a339a66a2844e51"
vary: Accept-Encoding
x-goog-generation: 1714178853044464
x-goog-hash: crc32c=HsUn4w==, md5=pYCutBAzZ5t6M5pmooROUQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1069605
accept-ranges: none
content-type: application/javascript

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/ Frame 6B4C 0
0 130ms
40ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/storage.secure.min.html?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 545128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 16210
content-type: text/html
date: Fri, 26 Apr 2024 03:41:56 GMT
etag: W/"e098d3d727aaf27bf2da4b85e6ad4919"
last-modified: Sat, 13 Apr 2024 00:58:12 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1712969892120874
x-goog-hash: crc32c=fA9DNw== md5=4JjT1yeq8nvy2kuF5q1JGQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 48087
x-guploader-uploadid: ABPtcPqGCVQAN1Zs1G2DjnpIYpLc81eU8wJV0lfWgqxPVcnGYQXO1H7OLuFLF02CvUqiqZDm_h8

GET
H3 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/ 43 KB
15 KB 43ms
43ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.27.1-release_1249614302/storage.secure.min.js?loc=https%3A%2F%2Fwww.thenewstribune.com&site=2196236&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 38d46dcff34248f80e9e7934e6fd325d865718e8c3e1958d37c1eb0b59d0890f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 03:42:37 GMT
content-encoding: br
age: 545087
x-guploader-uploadid: ABPtcPrrVw1e9SqRzxfIYrIXyy4bIEmRQGA6HqI_NTDxbqLZ44uit8yJf4yVMCk5l6H3Etfwj9KS2cKR9g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15063
last-modified: Sat, 13 Apr 2024 00:58:12 GMT
server: UploadServer
etag: W/"afacd51b3dd0b038f579f6d6b27bfdd2"
vary: Accept-Encoding
x-goog-generation: 1712969892028204
x-goog-hash: crc32c=bWmpuQ==, md5=r6zVGz3QsDj1efbWsnv90g==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 44303
accept-ranges: none
content-type: application/javascript

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 112 KB
25 KB 205ms
45ms Script
text/javascript 2600:9000:2490:d400:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d400:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7e44422c447462738826b8aa12cb9d83ca7b78622a56c0c4cfbe29b321d6ded

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 01:47:09 GMT
x-amz-version-id: TPOW4DFMYS9nE1rRn_9jHyqJrGhOTDDA
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 22:57:10 GMT
server: AmazonS3
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"e79ba5c2c5a65b56dd63786ece5a192e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
age: 33617
x-amz-cf-id: k63TWoTiO9HwtNxCmeUUbVHvFHsVHlL31iPQFLjMxxsoyF2IuOwGCQ==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 464ms
126ms Image
image/png 16.182.69.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=1d5c59e663ea
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.69.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 11:07:26 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: 7AS30YX0E48WMVZ2
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: vegzOd0a6dQqXPk7eyZvqxNkmk3GEWBa5l5KGcAJ847xEftgIXhdCP3N/b61vUfbXUUVna8dYEM=

GET
H2 200 css
fonts.googleapis.com/ 11 KB
927 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e33d4565bdbaf2ffd0d9fc9964475d388d74012e261f01975b18705df8041cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 11:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 11:04:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 11:07:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
752 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:400,700

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3f8d02a7a7b9fc07dcc70c897787cc409719570b458412f476e9ccd97c7d2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 11:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 10:23:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 11:07:25 GMT

GET
H2 200 thenewstribune-black.png
www.thenewstribune.com/bylozis-on//images/logos/ 10 KB
10 KB 59ms
59ms Image
image/png 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/bylozis-on//images/logos/thenewstribune-black.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0f183d0f4e84ac50c22fe0b6299ec2ca8c664eff2f3c2b13b02a58c0c1bfae2e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:25 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 379
x-cachebust
server-timing: ak_p; desc="1714648045093_34831257_70191297_961_10445_39_0_146";dur=1
content-length: 9785
new-varnish: true
last-modified: Wed, 01 May 2024 15:25:27 GMT
server: MI
etag: "2639-61766189847c0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 319488055 316146212
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597136
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
308 B 232ms
232ms Fetch
application/json 54.149.37.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/escenic.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.37.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-37-245.us-west-2.compute.amazonaws.com

Software

Resource Hash

27c2409d6f7b03264e81dbdcca6dc7db59add330945f1374e1aa9ad151621d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:25 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-663373ed-4307901b71e0f20e224c9d93
content-length: 94

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 20:42:40 GMT
x-content-type-options: nosniff
age: 51881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 May 2025 20:42:40 GMT

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
0 2ms
2ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 20:42:40 GMT
x-content-type-options: nosniff
age: 51881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 May 2025 20:42:40 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 21:05:26 GMT
x-content-type-options: nosniff
age: 223315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 21:05:26 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 21:05:26 GMT
x-content-type-options: nosniff
age: 223315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 21:05:26 GMT

POST
H2 200 / Show response
fp.qa.mcclatchy.com/ 363 B
867 B 543ms
317ms XHR
text/plain 15.197.142.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fp.qa.mcclatchy.com/?ci=js/3.9.4&q=UNYVLaWM15tnda5MIRXl&ii=fingerprint-pro-custom-subdomain/1.0.0/procdn

Requested by

Host: fp.qa.mcclatchy.com
URL: https://fp.qa.mcclatchy.com/web/v3/UNYVLaWM15tnda5MIRXl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.142.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a46b405d1b15c420e.awsglobalaccelerator.com

Software

Resource Hash

00d63fc5af0ee7f5ea662cb5a2870cf4118fa22d7d86a8072efbb06580c99030

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 May 2024 11:07:25 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 363

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
682 B 506ms
150ms XHR
text/xml 3.236.169.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.236.169.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-236-169-64.compute-1.amazonaws.com
Software: /
Resource Hash: 8e48f529c53402f70a3d115dc650d906d862147db605aa3a1c61a5483a8964a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Thu, 02 May 2024 11:07:25 GMT
connection: keep-alive
x-amzn-RequestId: e69e5bae-8dfa-5854-b9bd-0503fbd7d671
Content-Length: 378
Content-Type: text/xml

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 228ms
228ms Fetch
application/json 54.149.37.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/escenic.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.37.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-37-245.us-west-2.compute.amazonaws.com

Software

Resource Hash

eddd19f1620a514a8c991b78ccee87787ae0b9168d511575d477d2f817dad620

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:25 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-663373ed-214fa40913daa6347c1dfca9
content-length: 94

GET
H2 200 postmessage.min.html
va.idp.liveperson.net/postmessage/ Frame 7553 0
0 500ms
124ms Document
text/html 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1714648045747&loc=https%3A%2F%2Fwww.thenewstribune.com

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.idp.liveperson.net

Software

ws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods: GET, POST, PATCH
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding: gzip
content-type: text/html
date: Thu, 02 May 2024 11:07:26 GMT
etag: W/"5f2ff440-2a51"
last-modified: Sun, 09 Aug 2020 13:04:00 GMT
server: ws
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame 06A1 62 B
254 B 66ms
65ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=88280&ct=js&pi=&fp=102aba18-1abd-424a-b37b-a1a914fa9bdc&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.thenewstribune.com%2F&pv=1714648043206_9um6dno4h&bl=de-de&cb=65702&return=&ht=&d=&dc=&si=1714648043206_9um6dno4h&cid=mi_ti_tnt_102aba18-1abd-424a-b37b-a1a914fa9bdc_1714648041832_1714648041817&s=1600x1200&rp=https%3A%2F%2Fwww.thenewstribune.com%2F&v=2.7.1.157
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:26 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 2196236 Show response
va.v.liveperson.net/api/js/ 243 B
1 KB 723ms
302ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/2196236?&cb=lpCb29266x29013&t=sp&ts=1714648045741&pid=175123177&tid=8341194703&pt=Tacoma%20WA%20Breaking%20News%2C%20Crime%20%26%20More%20%7C%20Tacoma%20News%20Tribune&u=https%3A%2F%2Fwww.thenewstribune.com%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%226761b2e6-f4d9-4503-a1b2-e6f4d9350305%22%2C%22account%22%3A%222196236%22%7D%5D

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

af8a85b580c31f6aeade239c4abdaa72eba29fc08e5ce72725f3f7e2925960be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 2196236 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 129ms
129ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/2196236?sid=8DmxFMCIRT6buQfXjqQBWw&cb=lpCb34561x56782&t=pl&ts=1714648046704&pid=175123177&tid=8341194703&vid=VmYTRjM2EwNTBlZDIyMTI4

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

9a223fcadff5f121adc62d752d588593c8abc5e59f3880e026a154b881f70b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
BLOB 200
OK 6365b1e7-1149-4ae6-8b35-4352e379df5e Show response
https://www.thenewstribune.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/6365b1e7-1149-4ae6-8b35-4352e379df5e
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11515027aff3195020d827b678f2e70f556e640e47d037c2b54e2c0a3f04ae1a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 variantTopBarModal.0db969b7e79c4ed7c2c3.js Show response
www.thenewstribune.com/bylozis-on/ 75 KB
12 KB 57ms
57ms Script
application/javascript 23.196.230.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thenewstribune.com/bylozis-on/variantTopBarModal.0db969b7e79c4ed7c2c3.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.230.25 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-196-230-25.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5fbfcfa6e4d46e69bd46f262cd2cc664017a5967a7ec471d391387ec6c2c3821

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:28 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 557
x-cachebust
server-timing: ak_p; desc="1714648048715_34831257_70194422_711_10776_39_0_146";dur=1
content-length: 11423
last-modified: Wed, 01 May 2024 15:25:26 GMT
server: MI
etag: W/"12ba1-6176618890580"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 638401493, 176299052 178820862
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597156
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H3 200 css
fonts.googleapis.com/ 20 KB
950 B 50ms
50ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:100,200,300,400,500,600,700

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

5096fbe26ded2024e322b44e7643ac4d32c7e662daf74b23530ca17dcd955b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 11:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 11:07:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 11:07:28 GMT

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.thenewstribune.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 20:42:40 GMT
x-content-type-options: nosniff
age: 51881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 May 2025 20:42:40 GMT

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
310 B 234ms
234ms Fetch
application/json 54.149.37.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/escenic.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.149.37.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-149-37-245.us-west-2.compute.amazonaws.com

Software

Resource Hash

20638dc94e674f694097cdaf081531d3b53401933f412a43dbe2c7304584b19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: https://www.thenewstribune.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:28 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-663373f0-2dfb95dd39d5bd8b428edb49
content-length: 94

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 164ms
47ms Preflight
text/plain 46.228.174.115

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thenewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.thenewstribune.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 02 May 2024 11:07:32 GMT

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ 11 B
240 B 151ms
54ms Fetch
application/json 46.228.174.115

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:32 GMT
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://www.thenewstribune.com
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 144ms
48ms Fetch 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.thenewstribune.com
date: Thu, 02 May 2024 11:07:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs-simple.com/ut/v3/ 253 B
825 B 310ms
216ms Fetch
application/json 37.252.171.52

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 -, , ASN (),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

71b092450d47c5678bfe12f92b3f59fd7379718543179d403a953221df8b31f4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:32 GMT
an-x-request-uuid: b23fce95-c5a1-4a95-8738-92b845c517a8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.123; 80.255.7.123; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs-simple.com
content-length: 253
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK mcclatchy Show response
direct.adsrvr.org/bid/bidder/ 0
406 B 204ms
64ms Fetch
application/json 35.71.170.66

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/mcclatchy
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.71.170.66 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 02 May 2024 11:07:31 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.thenewstribune.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 397 B
611 B 158ms
71ms Fetch
application/json 2602:803:c003:200::21

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80342&zone_id=2551742&size_id=2&alt_size_ids=55%2C57&gdpr=1&gdpr_consent=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---&eid_pubcid.org=857c9bff-2c37-413c-8e41-e152b208a8f6%5E1&rf=https%3A%2F%2Fwww.thenewstribune.com%2F&tg_i.domain=thenewstribune.com&tg_i.page=https%3A%2F%2Fwww.thenewstribune.com%2F&tg_i.pbadslot=%2F7675%2FTAC.site_thenewstribune%2F_HomePage%232&tk_flint=pbjs_lite_v8.35.0&x_source.tid=4bd4f104-ce4b-43a1-bed7-ef20856edb10&l_pb_bid_id=14e69aecabae168&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=83dd8b75-d34e-4293-b796-5cb6f5343e39&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=%2F7675%2FTAC.site_thenewstribune%2F_HomePage%232&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.7850681863042495
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ff713469a66a50c014a4f8460cf5d4348f7491ffc981cf20f6c5dbcaa54cd192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 397
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 394 B
428 B 175ms
88ms Fetch
application/json 2602:803:c003:200::21

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=6291&site_id=80342&zone_id=2551730&size_id=2&alt_size_ids=55&gdpr=1&gdpr_consent=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---&eid_pubcid.org=857c9bff-2c37-413c-8e41-e152b208a8f6%5E1&rf=https%3A%2F%2Fwww.thenewstribune.com%2F&tg_i.domain=thenewstribune.com&tg_i.page=https%3A%2F%2Fwww.thenewstribune.com%2F&tg_i.pbadslot=%2F7675%2FTAC.site_thenewstribune%2F_HomePage%233&tk_flint=pbjs_lite_v8.35.0&x_source.tid=4bd4f104-ce4b-43a1-bed7-ef20856edb10&l_pb_bid_id=151a8588b55950b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=15d61d74-2cb2-4105-b163-c1654718b44d&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=%2F7675%2FTAC.site_thenewstribune%2F_HomePage%233&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22124%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22124%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.3507685761285222
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 521244e54173f73dfad910e53cba855ee1df7f9ca4256fd64a87bb60b7c80591

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 394
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
201 B 384ms
303ms Fetch 178.250.1.8

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.35.0&cb=17103558497&lsavail=1

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.thenewstribune.com
date: Thu, 02 May 2024 11:07:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
333 B 132ms
41ms Fetch
application/json 18.157.230.4

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.35.0&referrer=https%3A%2F%2Fwww.thenewstribune.com%2F&tmax=2000&gdpr=true&cmp_cs=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.157.230.4 -, , ASN (),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
content-encoding: gzip
x-auction-status: 16, 16
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
551 B 201ms
115ms Fetch
application/json 104.18.36.155

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=907016
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 81a0a7f5ab0cac7dcb44d7a02ca62310d401c085d9c1cb9efacbe0cb870c4431

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 May 2024 11:07:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3oP6IT71Hb%2BppYnZhVmARoWo%2B2yprteQS7CprCQP3QoFAMEQ4Y2EPK4m5PYccv539BoIUhLS2sLqe%2BKWTZIzJ5tl8u5xhaKAcAUltP8VMwIIXWuQtZ4zq4IGZe57z7oMEMzfnWN"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.thenewstribune.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 87d78c582e276a76-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
263 B 214ms
126ms Fetch
text/plain 35.186.253.211

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b728f122b7eb68e011d074c2e082f648e3a73dafb12ee4a3e54b6bdc741be56c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 02 May 2024 11:07:32 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame E84E 43 B
245 B 117ms
116ms Image
image/gif 54.224.102.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=de-DE&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=11&tvcfg=all&f_privb=0&tid=db8b84e9-0e13-436c-b4ef-7f822475ff42&pid=a078609f-3095-4b2e-80a3-b7a3d25b7be9&dtm=1714648052570&qnm=_matherq&visible=1&tabid=7a5587fc-af1c-47ee-9b2c-edd4e4f1db97&refr=https%3A%2F%2Fwww.thenewstribune.com%2F&url=https%3A%2F%2Fwww.thenewstribune.com%2F&vrefr=https%3A%2F%2Fwww.thenewstribune.com%2F&vp=0x0&ds=0x0&tofa=1714648043&vid=1&lvidt=1714648043&duid=bfa9566c-f20b-4dac-bc55-8c7f8435a06b&fp=1187562409&cid=ma12095&mrk=74930801&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcxNDY0ODAzNzc4NyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI0My4zODkzMDltYiIsImhlYXBUIjoiNjEuNTIxMzI1bWIiLCJmc3RQYWludCI6IjM4ODAiLCJmZXRjaFMiOiIyODk0IiwiZG9tYWluUyI6IjI5MzMiLCJkb21haW5FIjoiMjkzMyIsImNvbm5TIjoiMjkzMyIsImNvbm5FIjoiMzA1NCIsInNzbFMiOiIyOTc2IiwicmVxdVMiOiIzMDU0IiwicmVzcFMiOiIzMTMwIiwicmVzcEUiOiIzMTQxIiwiZG9tTG9hZCI6IjMxMzQiLCJkb21JbnRlciI6IjM5NDMiLCJkb21Mb2FkUyI6IjM5NzciLCJkb21Mb2FkRSI6IjM5NzkiLCJkb21DbXBsdCI6IjQ4NDEiLCJsb2FkUyI6IjQ4NDEiLCJsb2FkRSI6IjUyMTEifX0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.102.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-102-229.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Thu, 02 May 2024 11:07:32 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 js_tracking Show response
tags.srv.stackadapt.com/ Frame ED3A 0
156 B 131ms
131ms XHR
text/plain 3.121.4.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fwww.thenewstribune.com%2F&uid=XDbR9bgzYgamKCe5q8YQuw%2C%20hXFHelqg_0qGLqDaoIkgLQ%2C%20GHZN9LleKWz0uNsDtvQTcQ&v=1&host=https%3A%2F%2Fwww.thenewstribune.com
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.121.4.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-4-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.thenewstribune.com
date: Thu, 02 May 2024 11:07:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET

POST
H2 201 / Show response
sdk.iad-05.braze.com/api/v3/data/ 2 B
195 B 251ms
251ms XHR
application/json 2606:4700:4400::ac40:965f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-05.braze.com/api/v3/data/

Requested by

Host: www.thenewstribune.com
URL: https://www.thenewstribune.com/bylozis-on/hanealneh.0db969b7e79c4ed7c2c3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:965f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Braze-Api-Key: 83d75cce-ff55-432f-b0b6-78b7ba1ad6a8
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/json
X-Braze-Last-Req-Ms-Ago: 11173
Referer: https://www.thenewstribune.com/
X-Requested-With: XMLHttpRequest
X-Braze-Req-Attempt: 1
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: c919f1fd-2e2f-444b-a333-02b98cb87997
x-runtime: 0.026784
server: cloudflare
etag: W/"44136fa355b3678a1146ad16f7e8649e"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
x-ratelimit-reset: 1714648056
access-control-max-age: 7200
x-ratelimit-limit: 500.0
cf-ray: 87d78c635f6a9a39-FRA
x-ratelimit-remaining: 418.0

GET
BLOB 200
OK dc0bd3a7-fcf1-49fa-82c0-5f102de7978c
https://www.thenewstribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thenewstribune.com/dc0bd3a7-fcf1-49fa-82c0-5f102de7978c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
258 B 151ms
49ms Fetch 34.120.133.55

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1405&ct=4&cv=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/thenewstribune.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 02 May 2024 11:07:35 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.thenewstribune.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 425A 0
0 558ms
42ms Document
text/html 95.101.149.233

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 May 2024 11:07:36 GMT
ETag: "28052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync
eb2.3lift.com/ Frame D893 0
0 552ms
39ms Document
image/gif 76.223.111.18

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---&
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 02 May 2024 11:07:36 GMT

GET
H2 200 ixmatch.html
js-sec.indexww.com/um/ Frame 6A3F 0
0 551ms
51ms Document
text/html 172.64.149.180

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 18
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 87d78c707d4158ea-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 11:07:36 GMT
expires: Thu, 02 May 2024 15:07:36 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5A4 0
0 548ms
41ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159414&gdpr=1&gdpr_consent=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=40491
content-encoding: gzip
content-length: 5685
content-type: text/html
date: Thu, 02 May 2024 11:07:36 GMT
expires: Thu, 02 May 2024 22:22:27 GMT
last-modified: Tue, 13 Feb 2024 04:57:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 pd
mcclatchy-d.openx.net/w/1.0/ Frame 5091 0
0 551ms
49ms Document
text/html 34.98.64.218

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-d.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&us_privacy=1---
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 -, , ASN (),
Reverse DNS
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thenewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Thu, 02 May 2024 11:07:36 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 usersync
match.adsrvr.org/track/ 70 B
149 B 174ms
55ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=1&gdpr_consent=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA&ust=image
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thenewstribune.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 11:07:35 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Verdicts & Comments Add Verdict or Comment

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.scr-srvldappz.delfrutto.pe/	1969-12-31 23:59:59	Name: PHPSESSID Value: a78de38e0620d3a4c6b3eccf3a708858
.thenewstribune.com/	1970-01-21 05:46:16	Name: _awl Value: 2.1714648042.5-e93373428dff6e540699d7266d7cc0ff-6763652d6575726f70652d7765737431-0
.thenewstribune.com/	1970-01-20 20:17:35	Name: ak_bmsc Value: 2E334BD8D704B511FAD3002BF203135E~000000000000000000000000000000~YAAQmXsTAl28KTOPAQAAZcv8OBdAscvS6Pm7flnSTCITxbXpMHwwM3AIrr+G/1kDLvFXm10M5Q5QzeGycF0j8OiGbx1/t+2ozkpbTcsbBJzirUsfNLaNb0s12m3FZQmkrmc5LmheenkPUiOrXCgqdqDlTk0BsIvywFIFJRSbZt9HzGU4E5zo2j3/2f0jei2CfI4oY0NBSHXDddG2QrplbchXXZNPpEOy309PR/Pxx1cnSIvhNgAvaHB9b0x2tiNjiVEXcJZyuHGyP53kZF7eEy/5U/QFpxYrqCY5fmhwiKaMLwmOl50zKXHZ+YiKUnkh2QuQLnQo4YM1JDCxufTKjGTIuERxbklOUsnT3fVBIr6qGG8UXBkoKMdPgX2fHfIz/G1nGEEV4lcO9SVLSlTDLyuliUZkdCy0KrAtGGur47HwUTGJ3cqFTlc3wEfltZLfK8w52/I2Ss44I8ctmHFd3xyJ7xE=
tags.srv.stackadapt.com/	1970-01-21 05:03:04	Name: sa-user-id Value: s%3A0-fc4db73a-0950-5d55-6a04-d08348f972c5.Sf8R2Xf6qwbjKtAdkL9ABcLPVFK4aQ4MwqDhv9adrqs
.srv.stackadapt.com/	1970-01-21 05:03:04	Name: sa-user-id Value: s%3A0-fc4db73a-0950-5d55-6a04-d08348f972c5.Sf8R2Xf6qwbjKtAdkL9ABcLPVFK4aQ4MwqDhv9adrqs
tags.srv.stackadapt.com/	1970-01-21 05:03:04	Name: sa-user-id-v2 Value: s%3A_E23OglQXVVqBNCDSPlyxVD_B3s.z9tH0XI%2FYeCtZvTP4yx9fxKprRBTMxm%2Fa3YHz0heKfo
.srv.stackadapt.com/	1970-01-21 05:03:04	Name: sa-user-id-v2 Value: s%3A_E23OglQXVVqBNCDSPlyxVD_B3s.z9tH0XI%2FYeCtZvTP4yx9fxKprRBTMxm%2Fa3YHz0heKfo
tags.srv.stackadapt.com/	1970-01-21 05:03:04	Name: sa-user-id-v3 Value: s%3AAQAKIOGvX5qiC6aG6CufUTogd2SzCPNxg9X5TZJCyIJcfFrnEHwYBCDr582xBjABOgS9M-cxQgSUlmpP.nh5kf12leXkQKiosBSbJ4VUjS9UEMJKtmCNNkk8DXII
.srv.stackadapt.com/	1970-01-21 05:03:04	Name: sa-user-id-v3 Value: s%3AAQAKIOGvX5qiC6aG6CufUTogd2SzCPNxg9X5TZJCyIJcfFrnEHwYBCDr582xBjABOgS9M-cxQgSUlmpP.nh5kf12leXkQKiosBSbJ4VUjS9UEMJKtmCNNkk8DXII
.thenewstribune.com/	1970-01-20 20:17:35	Name: bm_sv Value: 3391E58FA9A5E22D7B7763E035642895~YAAQmXsTAqK8KTOPAQAATNT8OBc+EPAnlNM+MCi+le5m6ao3+rtIqorJgrf2jx0ISHb/xtViROeDzk1qrS3nrVyJbM69SRhr3aaU3mvbJph14WOvwt7/HETyFLrrud9BZTJ5YiSjR1UHYlO8KcZmIifiSzIWAZHr1/ac0MHRvm5D0541xJTbhPVunrHuQMwbiPsYZzMehMz9N4CiCLhne4MaRJTkY2Ilh9qYr1U9022TR8UzvK/EGmAf+GDSr+DjUXzaL7ggR0k=~1
.mcclatchy.com/	1970-01-21 05:03:04	Name: _iidt Value: cKopqSOEYoE77eSQN7pIUtB7J1QDMTbr6JdgM0D9WsSAefLx+kjiqqq8ZQSVw7KkfOxCAqokZFwC2w==

48 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	error	URL: https://www.thenewstribune.com/ Message: Custom state pseudo classes are changing from ":--webkit-scrollbar-track" to ":state(webkit-scrollbar-track)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
javascript	warning	URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thenewstribune.com/bylozis-on/thenewstribunecore.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cmp.osano.com/16A0CuTCdGtXx3A1C/ec63760f-40b0-4c2c-b76a-e71dda7f148e/osano.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1405&ct=4&cv=CP9_GsAP9_GsAEXiMADEAyEwAAAAAEPgAAYgAAAAAAAA Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thenewstribune.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
ads.pubmatic.com
ams-pageview-public.s3.amazonaws.com
api.dsp.mcclatchy.com
api.lab.amplitude.com
api.rlcdn.com
api2.amplitude.com
bidder.criteo.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.keywee.co
cds.connatix.com
cmp.osano.com
d15kdpgjg3unno.cloudfront.net
direct.adsrvr.org
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
edge.quantserve.com
eus.rubiconproject.com
fastlane.rubiconproject.com
flowerstreatment.com
fonts.googleapis.com
fonts.gstatic.com
fp.qa.mcclatchy.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
htlbid.com
ib.adnxs-simple.com
img.connatix.com
js-sec.indexww.com
js.matheranalytics.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
match.adsrvr.org
mcclatchy-d.openx.net
mcclatchy-next-apps-prod.s3.amazonaws.com
ml314.com
profile-api.amplitude.com
region1.analytics.google.com
rtb.openx.net
rules.quantcount.com
sb.scorecardresearch.com
scissorsstatement.com
sdk.iad-05.braze.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sqs.us-east-1.amazonaws.com
static.adsafeprotected.com
stats.g.doubleclick.net
tags.fullcontact.com
tags.srv.stackadapt.com
targeting.unrulymedia.com
thenewstribune.com
tlx.3lift.com
va.idp.liveperson.net
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.i.matheranalytics.com
www.mcclatchy-partners.com
www.mcclatchy-wires.com
www.scr-srvldappz.delfrutto.pe
www.thenewstribune.com
tags.fullcontact.com
104.18.36.155
104.18.41.104
107.178.250.234
108.138.7.125
13.32.27.39
142.250.184.228
142.250.185.234
15.197.142.117
151.101.130.132
16.182.69.17
162.240.171.188
166.108.36.245
172.217.16.195
172.64.144.166
172.64.149.180
178.249.97.23
178.249.97.99
178.250.1.8
18.157.230.4
185.64.189.112
2001:4860:4802:32::36
208.89.12.87
208.89.15.170
23.196.230.25
23.35.236.201
2600:1901:0:7416::1
2600:1901:0:d733::1
2600:9000:20ab:de00:8:48e:53c0:93a1
2600:9000:223c:d800:6:44e3:f8c0:93a1
2600:9000:223e:c00:5:82fd:2500:21
2600:9000:2490:d400:11:b309:9100:21
2600:9000:266e:4c00:3:b7e:8940:93a1
2600:9000:266e:a00:e:ec66:e40:93a1
2602:803:c003:200::21
2606:4700:4400::ac40:965f
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9a
2a02:26f0:3500:18::1724:a28d
3.121.4.172
3.236.169.64
34.117.77.79
34.120.133.55
34.120.154.120
34.98.64.218
35.186.253.211
35.71.131.137
35.71.170.66
37.252.171.52
44.228.37.53
46.228.174.115
52.217.108.92
52.85.158.7
52.85.158.91
54.149.37.245
54.170.62.78
54.224.102.229
76.223.111.18
95.101.149.233
00d63fc5af0ee7f5ea662cb5a2870cf4118fa22d7d86a8072efbb06580c99030
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07e8578f77ebfb48f789ec516d7ca30961c9f483fdac695c3fc3e54ecf408917
08712c19859f7f0982bdec2bf49d255524d293aabb60829e27596cda98cec96c
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd
096d737de4e9d2ccaf1e6b46be90c8d4cc8e5186e13eb2a0d3936509c3512040
0bb3754e5ea2f7bc2ee48c5dd9511630fd8440667c48040c7f7b1ae2cbec4d55
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0e0abcf22aa7ff8f89d75c84a565f0efff6e13df0e0a2e2a7f8c03ca7360745c
0f183d0f4e84ac50c22fe0b6299ec2ca8c664eff2f3c2b13b02a58c0c1bfae2e
11515027aff3195020d827b678f2e70f556e640e47d037c2b54e2c0a3f04ae1a
12a91fa17092aea6371efed1458da78cb91c1250696704fad984996be5a24e15
18f35c576aabd3eb7c3386c0467cd6f87bc054a669e66f6181152a46f397d63a
1ab7de4d6166c51fa9eb83ed2ec5f2eaadb30ffdae864fdf8fb8adbbc8473151
1ae4d301d98fce40b10e39afa3eb683bbfb7818606cd21bcbb3641ef2c5996a6
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1ca1bebe09e064e74b029916ad8f6d9ebb862a5e4ae16aec225a73288610b3f9
1e862bf1e216f81d079dc802b0dae8313937d4857175abb0f4706ec8f8f07cdc
2028dc7432b6a70e68a6e62e130a39ccb303d29eab5026b78ea163228cf5233d
20638dc94e674f694097cdaf081531d3b53401933f412a43dbe2c7304584b19b
233451371f7890075850b66808b4dac8ac46a1d8a5bebbbb440114fb9191f234
246f50b59a7426dbb5910cfe0785110ae6df50cdaed539b90d30bd894e3998a5
266ae0b8a5f9ca7bde14d62f55e7780b60fcf8fbb660cf40811b210d97ebcd20
26b311640fb08f25649988a13944fc8a708b4df6eee15ef5d2b20802b7b8d36b
27c2409d6f7b03264e81dbdcca6dc7db59add330945f1374e1aa9ad151621d2b
299b23d0399e5f27ec39ebeeef468abc442c8b7588d1c7e5ccd1ccc2425c218e
2d9cf3156fe0b513822e66fa845a4b16376e0df84e264931a2b42b2b7a9c44fc
2ea1c8e03601f5a205b41afd29f99c70bb4afb010d85c35bda6d7bf206106a6a
3024e1cde4afb5400a7f7ffeefd0ff060ca22f64ffd0fab049d738af349f5fbf
312b9102cbc04d986c3894c9109b880c00f415e8e87e1646c96edb3a881354da
32bd4e40ff1ffa1a2006c57a04c624c0f34d5d8fdc105ea0fe3f91769d17e316
32d6e2dbea16096854d67cecc0749023f5eedf087210b39a86e5f08d90e2dd1c
33560c1b3cdb0f0066d12bc667eaffaeadae008628e5d945d8e8758c0d7859a2
3600a4f3cb38184c7ad77fc3b129b40666856e9791d2b575ac63452e0ce416da
36e7e3945b082b2a41bc9408f0f5d4dc4ae33d7850001ad8758987a1b1e72919
38d46dcff34248f80e9e7934e6fd325d865718e8c3e1958d37c1eb0b59d0890f
3a0766e1f88afd34ad646382743f4d9bf00df6c653be17b858abfc2a92948a80
3a317eb36ea9f699f2c2889330638ae052905ef507c589138d4336d6e223bd12
3cd1cbd90afd468d519c72075d1816205843f3c654d1b3a3d3968f6802969c38
3d436e3d55dc0a983b927c5f703efa9813d4fda57fe329a5e2552922b985951b
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
421a2faa1be177751a391f5446f23692f55aa0d998d3c6919ef6f5679c030faa
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43768da895b936155a74478241510dc3498e10d0087889a5874b0382f45abc23
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44158bd2cc9e8b8702ac8c204cba0eea4b1895d210dcd0d32c44552eeb374d93
443d4712023350c84b387ad8b58d6b4b8296b64243e08b4ed0ea3f60121c741c
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4605f7132dfb8faa48b11b5181f51233bfaab7610a95c736ae7fdad9c0bfb272
494ffae017f684ef38ac5aea993427f0feafdef216c80d5ea65407a2c60b642a
4a5bca6580a6caf83f9bf95c31541f90aa9114f80798948c82736d141c0d2e66
4d11f5e962c2ac48c591a4c060a202680f5afe6dedbba3e00b8b9f036793b331
4d573d1127bf81686fdd5544b6a35b6b58046ff02287ff7221de39498aa612da
4fbdeb90501ff8ef441a031acd1d3cbfb57ce5cc07bbe7dedcd1abe21dafc0b7
5096fbe26ded2024e322b44e7643ac4d32c7e662daf74b23530ca17dcd955b77
521244e54173f73dfad910e53cba855ee1df7f9ca4256fd64a87bb60b7c80591
523a329ca36afccf4db0b70763b86bc5efa3ffac6e514a74f7765f0309c04ea4
557996eaa6e26b810e77bb52a12d6231a95cb3a774ffaafffff7daf8befcdf31
589d11bbdbb3c6e65b9c737bde980cff7168c8482006bbf8e976945defaca3fb
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5e33790c4c6d5893103a96a4feb3b597173a66b1d9b3a9051071f9e1d5d4487d
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3013245f4ee591e331364ee5044664a65048925168bfee28037bb16082f5b2
5fbfcfa6e4d46e69bd46f262cd2cc664017a5967a7ec471d391387ec6c2c3821
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64b0c917f1c05d48abb72d836a571da26673e6cc26e4b6ba1faca85789c7f46d
68b8e71982e93fa7dd2f406283c640fa9e5cb2bcae72669d20f54012c428da3d
69b2f599e26d08288df4c17f87c5d0bde04b4cb1b764c5cd91f22b06247280a9
6ad715f9b8af691020c2ad5a312a31ac88aa2f0feb5b5ec50ab72f1bf1c0fb87
6d2c5fea6101695a0b14830ddfdd0dd8ea1d3309db1d68dd665cd9f04b86f369
6fdf3306a6d2db48646ad7c15779d3bc944208073a9904090af533c5a9639f17
70a53f78fb49a39dd034e0e798a3a6f4187ecc9dde2a5929a5df84d847c8c543
70b914de15dd75628895223bfe09012e3687598bca4dbaa34a97234f6a8826e9
71b092450d47c5678bfe12f92b3f59fd7379718543179d403a953221df8b31f4
72467bcf68a6e21f73fd171994eec39087ab6f257c66bc3d957b9924aed99993
74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d
75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6
76a2b3f9a2fbe5578d0c7843efc5432bf37a96d85e9346943796648489188678
78316d0dee827a39ff1fc9b0b1ba86f6ac0807211281af153943faa61f3ccdb4
7a52a88a2f21c8e7b21c78398fb9b2bf9e34ac7d04d976033aba28f8931e3f52
7aa53b6f5be7864f11e29318a7c9c7fd8969bbfd381c39adf480b793ac73af56
7ac0860b77d9b48c62ab343e834ce949f5b98c27fcb85128cd85c8a3a93fdfd5
7b86cdf2629fc724878a4dd3fef7fbff2ac95555bfb0faa9401f27c789dbfe12
7ec6628ca649036348da6c1cc9db9489ac669d70a10c70d9a7a3898be0b68a92
7eefee06bdc64fa60ef5e0752071498970f1f5a8d76832bffe09b4f6ce5e1767
7f4bfaeaf071f2a6cbe8cafb02a1eab6858575afb89659c7b991ffb148ed90b3
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
817875cd68037c353805b105c90fbf96f433f0f26d2d5acbe408eecbe5f7e0ab
81a0a7f5ab0cac7dcb44d7a02ca62310d401c085d9c1cb9efacbe0cb870c4431
841b376b295a344c5818c66213a1b95600055a200f527ac2e233d9fa81a9f869
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8527bd74842ff05938bd4dd0c4b59fbd26ec32110a79471cd4b10d59409911ab
87b8dd1e7f0dd57e81214a048970f9c0738783f156c7da38493f217707d2411d
8856cb0a8fb9615673fae7be84a0bac4128660b2eac4492c648dd38e19746bd8
8bd5fcf747e902c6b84efe2a114ec4a899bb317f20c287c34209495af7d6cd02
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dab392b28d325d42c0365fdf71e1be56f966651b26f27b123246696373a4a7e
8e2879060bff403befc92b267095e223305acdcfbdf68786914d3f3ac00a6e82
8e48f529c53402f70a3d115dc650d906d862147db605aa3a1c61a5483a8964a9
900bc17f4833e66506b5c6eb81b411b978b7e3bebab10640beda1eda7088f9db
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
92b0b6286c1d95f3b0c6e1a65d0b3374dd2d5855b57d18df246fa41b6bf1b6ad
9345767e78ab3b5ebe1b253ede72b27b2a969fb55fbefa0ca7220beed7876389
9442f777b8d9ac935eeb2d83790aceb4b7c29f6e5b64d577b66069aca5d50daf
9a223fcadff5f121adc62d752d588593c8abc5e59f3880e026a154b881f70b17
9a5e1bdbea96f3c5d3c726b22fe2950b290fb6725acfdfc73a2c5a863a018a8a
9bb7c384f5040574116f7a27f08cc44dfa3a838fa3198acd6d74abe5382fa5e7
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
9d3a6b3cee3005d8efeabd6a59491613fd374d92f49290fe5b5d7bc493185ec3
9f4c6e80303359c900ced647be01f45d2a6f995fd5935eac640769ff009ace52
a084cb4687796fe0d8a337abc919d941c9d9b15841988064d984129078b3a548
a1a850fd1774ef1f9ad3314570b39867b72669a78e9dc00c7dbae09e3e81a010
a28c8285cf359ff4ef1ad357b2480770784260346e16532b55b29b64865d9415
aeefaae7e90680816ec89d5a80f2e8e9f07ef6a56a1d66fa2f8dc07a8a92b820
af8a85b580c31f6aeade239c4abdaa72eba29fc08e5ce72725f3f7e2925960be
b00ad6c5da6cf409fbfac83885cd7c5b117cd3252375ab8b511ccd797229f2ae
b2e091d8f5f42fece940cc4faa3b8386a10753364193e3dfaf706bf2a188b3ca
b711808fd4356948e0020a4ca8ae6a08b37d1c45701008da7637c2e8985ab9f1
b728f122b7eb68e011d074c2e082f648e3a73dafb12ee4a3e54b6bdc741be56c
b95d2d2242abb674a699bb93bfb29c2c0af10a92e8db0ab0f7893896c9734ae1
bc6c1d02b156722d8e6cc1864498d4cb8e71dc6ca87a73b1be531d3075875576
bd2d49932c691b72fe6b0ecf521ed7eb328dd895be92127a950c26318099f896
bedd1197a3191552c44d7f454444bc732e231f805254e532f433e9d1361ebf13
bf8afeae1dceeae46193da68f95406a032cc6f8f19775f3a811aabc46f36eff3
c073b660c35f54f8d5dabdf1bbc7914fbdc02680a6bab2ca243cf0b6ae12eed7
c082c30d1f6a7bc9b03f8aea62866ef749cd23eda840d648de96a8f20b6b8ea6
c121537f660621459c2fad086c9b028cdfc5c38c4eb1e855115b278322c5b29e
c154dfb68876bdcb1d8a1788b850523975612fbeaa321dcac8bf5961a5b37e0b
c613bd0434cd5a0f6d1db345a5b36c8bdc6339e96ffde9695340aa1094399f43
c8269e438637b4fc760ddd4501e2aeaa4d158a288a0d6a1583ffe1a14896459d
c993d05bb60da456288d4de69e2b187b8505fc17491f670dff7014aaf98030c9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cef8e444876d82067d1619f07db6cb6fabbea2f7f51c23375785842abf319940
d00b3428f55e66e952b416d83d14e8aeeb10fb9ca6b3ad671fd7ce2b4625b140
d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a
d172d3fa9e3a275a4c24dfa2f6e93f529f8ce5ac88f40cb0b221a4e8da0a0b91
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d318a29d490d804ac9f45e464a4c0fd658d44bf30417001c1719313f3a316278
d35851b6105713ee65d3d0de39a15b81aac4e989ab552d8383fad0618b374e83
d513ee15141ebc5165f94559c27585c8a11c6e95545374a3ab59b6ec2cfb7b5d
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d5b0d679af7853ecdb4f52ca4833c02a0b87624f92a5c487388bda1c06aa5e58
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d722b262f280460d6f3092516abf3ad852bf0f5082e9a9727470be6e8dfef07b
d8ec6349a216d77f1f33ed4bf7415efbc85895dabac621905c466e6894647cbb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df3327d0aab9599e0caaadab0d7158401dcc904ccc26c4d9d279c59106862b7a
df966430d36d0f9a0c25cb72a40a5f24a4c82d3eebb4a9f51ad563d328487eaf
e16763a0552a1cadd3c2225e18ff241a47c1e95e001eae3e6abc682e96ee3744
e33d4565bdbaf2ffd0d9fc9964475d388d74012e261f01975b18705df8041cd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e421f99080a6b360c6aa740d7370b9edc1bed7486dd68bd05ad1f4fe6e821df8
e52d6545c56454039b04d25947d5ca42b73803b408ea865affc8b91fb27efb3b
e53e87e8c3bb1f83de4d7bc760d5ba841bad1595beffd15610a45140acc1f850
e5e3f2c1c7c18f6d483573a11a8e1e58250c7617e675208082bc5a65577cc159
e64faa6b31ccabef6314122f574b8a7359229da1c9df4f0739a3b12aefcf9767
e7e44422c447462738826b8aa12cb9d83ca7b78622a56c0c4cfbe29b321d6ded
e84579046013ee288fc4ea3698f886f1c6d2e83df294eb851283c12e63b5ef33
e8640da585b9aa84c676fc0f3ed814d2080edb80afb3f96d8ec243ccc970e84b
eb20f6b9f8a85c2b64c6fc615a3d0c910721a4ac4439e5f90a3fa29204cd56e7
ec73a03ddfb93ac643177e88d38d4060665abfa35517953b9cd8101218354ee7
edb8e87e582af5c3dc16c35d2050ba18ba55372ed957e3c4a44432de85933396
eddd19f1620a514a8c991b78ccee87787ae0b9168d511575d477d2f817dad620
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa35cadd3d526fb32e70148ec1c145dda43cde286d0bc4e94adfc31470dfcc8
f3cdbc2fb67355a5bed72a60b784bbb90533a584dc67e9752e3b004eb77155d5
f3f8d02a7a7b9fc07dcc70c897787cc409719570b458412f476e9ccd97c7d2d6
f4e7aa32fc31c8002b5cc2db4e7106ac090478441dffa01b36451f54fda83680
f60413dd2940de49e26d7c52c0b49339c08cf94393b5d6930e7817cd829703ab
f6e4be20312e2b84c81275836c74764a61075c14fc7c58073c778e61efd19428
f736f13014bee238f93fe8d921f6aad403db0ab84ab2c71563c66e0720213fad
f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08
f9c44215b84841e06dfcf8d2ce96d30562a3334bf71a5a308bce50fda63fd437
fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27
ff713469a66a50c014a4f8460cf5d4348f7491ffc981cf20f6c5dbcaa54cd192

www.thenewstribune.com Open in urlscan Pro 23.196.230.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

230 Requests

79 %HTTPS

30 %IPv6

45 Domains

65 Subdomains

62 IPs

5 Countries

5667 kBTransfer

11174 kBSize

11 Cookies

31 Outgoing links

Page URL History

Redirected requests

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thenewstribune.com Open in urlscan Pro
23.196.230.25 Public Scan

Screenshot
Live screenshot

Full Image

230
Requests

79 %
HTTPS

30 %
IPv6

45
Domains

65
Subdomains

62
IPs

5
Countries

5667 kB
Transfer

11174 kB
Size

11
Cookies

230 HTTP transactions
2 data transactions