www.newsobserver.com Open in urlscan Pro
104.85.251.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://newsobserver.com/
Effective URL:
https://www.newsobserver.com/
Submission Tags: analytics-framework
Submission: On April 17 via api (April 17th 2023, 1:07:09 pm UTC) from US — Scanned from DE

Summary HTTP 157 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 32 domains to perform 157 HTTP transactions. The main IP is 104.85.251.10, located in Berlin, Germany and belongs to AKAMAI-AS, US. The main domain is www.newsobserver.com. The Cisco Umbrella rank of the primary domain is 119523.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 16th 2022. Valid for: a year.

This is the only time www.newsobserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	166.108.36.245 166.108.36.245	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
45	104.85.251.10 104.85.251.10	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	3.5.28.101 3.5.28.101	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1	2600:1901:0:7... 2600:1901:0:7416::1	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223e:3600:4:a557:4cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	34.211.209.234 34.211.209.234	16509 (AMAZON-02) (AMAZON-02)
1 7	172.64.154.204 172.64.154.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	54.212.18.233 54.212.18.233	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.47 13.32.27.47	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:8800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.45.98.71 52.45.98.71	14618 (AMAZON-AES) (AMAZON-AES)
1	35.201.104.135 35.201.104.135	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
6	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	65.9.97.61 65.9.97.61	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
2	99.86.4.31 99.86.4.31	16509 (AMAZON-02) (AMAZON-02)
1	2.19.229.35 2.19.229.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
3	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2600:1901:0:d... 2600:1901:0:d733::1	15169 (GOOGLE) (GOOGLE)
3	3.248.88.116 3.248.88.116	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	34.98.88.136 34.98.88.136	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.117.121.15 34.117.121.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.201.121.164 35.201.121.164	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.107.191.194 34.107.191.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
157	38

1 166.108.36.245 (Coral Springs, United States) 1 redirects

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet831.ejoco.com

newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 104.85.251.10 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-251-10.deploy.static.akamaitechnologies.com

www.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.heraldsun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.mcclatchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-wires.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mcclatchy-partners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.28.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

mcclatchy-next-apps-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

flowerstreatment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:161 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.pw.adn.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logging.pw.adn.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223e:3600:4:a557:4cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

i086.newsobserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.211.209.234 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-209-234.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.154.204 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.212.18.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-212-18-233.us-west-2.compute.amazonaws.com

profile-api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-47.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:8800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.98.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-98-71.compute-1.amazonaws.com

mcclatchy.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.97.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-97-61.prg50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-31.fra6.r.cloudfront.net

tags.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.229.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-229-35.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

scissorsstatement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.248.88.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-88-116.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.88.136 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 136.88.98.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.121.15 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.121.117.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.121.164 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 164.121.201.35.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.191.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.191.107.34.bc.googleusercontent.com

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	newsobserver.com 1 redirects newsobserver.com — Cisco Umbrella Rank: 108260 www.newsobserver.com — Cisco Umbrella Rank: 119523 i086.newsobserver.com — Cisco Umbrella Rank: 290771	2 MB
12	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 974 c2.taboola.com — Cisco Umbrella Rank: 9247 trc.taboola.com — Cisco Umbrella Rank: 693 trc-events.taboola.com — Cisco Umbrella Rank: 1900 hp.taboola.com — Cisco Umbrella Rank: 64499	235 KB
8	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 5843 api2.amplitude.com — Cisco Umbrella Rank: 1437 profile-api.amplitude.com — Cisco Umbrella Rank: 52694	2 KB
7	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 2700 cds.connatix.com — Cisco Umbrella Rank: 2792 capi.connatix.com — Cisco Umbrella Rank: 2397 ins.connatix.com Failed pl.connatix.com Failed lit.connatix.com Failed assets.connatix.com — Cisco Umbrella Rank: 14529 vid.connatix.com Failed	281 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	241 KB
4	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 159	5 KB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 4187 page.cdnbasket.net — Cisco Umbrella Rank: 4192 view.cdnbasket.net — Cisco Umbrella Rank: 4191	1014 B
3	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1205	2 KB
3	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 1920	92 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 3214 e.cdnwidget.com — Cisco Umbrella Rank: 9108	304 B
2	scissorsstatement.com scissorsstatement.com — Cisco Umbrella Rank: 58909	795 B
2	fullcontact.com tags.fullcontact.com — Cisco Umbrella Rank: 28210	19 KB
2	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 10645 www.i.matheranalytics.com Failed	43 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2695 p1.parsely.com — Cisco Umbrella Rank: 2100	24 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 10327	126 KB
2	mcclatchy-wires.com www.mcclatchy-wires.com — Cisco Umbrella Rank: 113114	120 KB
2	adn.cloud tags.pw.adn.cloud — Cisco Umbrella Rank: 39030 logging.pw.adn.cloud — Cisco Umbrella Rank: 41844	40 KB
2	mcclatchy.com media.mcclatchy.com — Cisco Umbrella Rank: 65901	5 KB
2	heraldsun.com www.heraldsun.com — Cisco Umbrella Rank: 387450	5 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
1	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	26 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 416	288 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3499	156 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4301	6 KB
1	ml314.com vi.ml314.com — Cisco Umbrella Rank: 15415	388 B
1	blueconic.net mcclatchy.blueconic.net — Cisco Umbrella Rank: 56977	704 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 608	483 B
1	mcclatchy-partners.com www.mcclatchy-partners.com — Cisco Umbrella Rank: 152247	21 KB
1	flowerstreatment.com flowerstreatment.com — Cisco Umbrella Rank: 59431	22 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	874 B
1	amazonaws.com mcclatchy-next-apps-prod.s3.amazonaws.com — Cisco Umbrella Rank: 61775	488 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 imasdk.googleapis.com Failed	1 KB
157	32

	Domain	Requested by
38	www.newsobserver.com	www.newsobserver.com
4	trc-events.taboola.com	cdn.taboola.com www.newsobserver.com blank
4	trc.taboola.com	cdn.taboola.com
4	sb.scorecardresearch.com	www.newsobserver.com cdn.taboola.com
4	fonts.gstatic.com	fonts.googleapis.com
4	api2.amplitude.com	www.newsobserver.com
3	jadserve.postrelease.com	s.ntv.io blank
3	assets.bounceexchange.com	tag.wknd.ai
2	assets.connatix.com	www.newsobserver.com
2	scissorsstatement.com	flowerstreatment.com
2	tags.fullcontact.com	www.newsobserver.com tags.fullcontact.com
2	js.matheranalytics.com	1 redirects www.newsobserver.com
2	cdn.taboola.com	www.newsobserver.com cdn.taboola.com
2	capi.connatix.com	www.newsobserver.com cd.connatix.com
2	htlbid.com	www.newsobserver.com
2	profile-api.amplitude.com	www.newsobserver.com
2	www.mcclatchy-wires.com	www.newsobserver.com
2	cds.connatix.com	www.newsobserver.com cd.connatix.com
2	i086.newsobserver.com	www.newsobserver.com i086.newsobserver.com
2	api.lab.amplitude.com	www.newsobserver.com
2	media.mcclatchy.com	www.newsobserver.com
2	www.heraldsun.com	www.newsobserver.com
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	e.cdnwidget.com	blank
1	ids.cdnwidget.com	assets.bounceexchange.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	hp.taboola.com	cdn.taboola.com
1	securepubads.g.doubleclick.net	cd.connatix.com
1	gum.criteo.com	cdn.taboola.com
1	p1.parsely.com	www.newsobserver.com
1	logging.pw.adn.cloud	tags.pw.adn.cloud
1	s.ntv.io	www.newsobserver.com
1	tag.wknd.ai	www.newsobserver.com
1	cdn.parsely.com	www.newsobserver.com
1	c2.taboola.com	www.newsobserver.com
1	vi.ml314.com	www.newsobserver.com
1	mcclatchy.blueconic.net	i086.newsobserver.com
1	static.adsafeprotected.com	www.newsobserver.com
1	www.gstatic.com	www.google.com
1	www.mcclatchy-partners.com	www.newsobserver.com
1	cd.connatix.com	1 redirects
1	tags.pw.adn.cloud	www.newsobserver.com
1	flowerstreatment.com	www.newsobserver.com
1	www.google.com	www.newsobserver.com
1	mcclatchy-next-apps-prod.s3.amazonaws.com	www.newsobserver.com
1	fonts.googleapis.com	www.newsobserver.com
1	newsobserver.com	1 redirects
0	imasdk.googleapis.com Failed	cd.connatix.com
0	vid.connatix.com Failed	cd.connatix.com
0	lit.connatix.com Failed	cd.connatix.com
0	pl.connatix.com Failed	cd.connatix.com
0	ins.connatix.com Failed	cd.connatix.com
0	www.i.matheranalytics.com Failed	www.newsobserver.com
157	55

This site contains no links.

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-16` - `2023-10-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-25` - `2024-03-28`	a year	crt.sh
flowerstreatment.com R3	`2023-04-07` - `2023-07-06`	3 months	crt.sh
adn.cloud Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-30`	a year	crt.sh
l758.theolympian.com Amazon RSA 2048 M01	`2022-11-25` - `2023-12-25`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-02-21` - `2023-11-19`	9 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
*.blueconic.net Amazon RSA 2048 M01	`2023-02-28` - `2023-10-21`	8 months	crt.sh
vi.ml314.com GTS CA 1D4	`2023-02-20` - `2023-05-21`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M01	`2023-02-24` - `2023-07-04`	4 months	crt.sh
tag.wknd.ai R3	`2023-03-25` - `2023-06-23`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.fullcontact.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-19`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2023-03-26` - `2023-06-24`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
scissorsstatement.com R3	`2023-04-05` - `2023-07-04`	3 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
data.cdnbasket.net GTS CA 1D4	`2023-03-23` - `2023-06-21`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2023-03-23` - `2023-06-21`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2023-03-22` - `2023-06-20`	3 months	crt.sh
ids.cdnwidget.com R3	`2023-04-02` - `2023-07-01`	3 months	crt.sh
e.cdnwidget.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.newsobserver.com/
Frame ID: 23BBA068C4F67D7D4A2FCAFB91CF2D86
Requests: 125 HTTP requests in this frame

Frame: https://cds.connatix.com/p/257620/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Frame ID: D80206F4B0D416AA469E981E8F05E58E
Requests: 20 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/053dccc6-97d4-4981-b067-7341e574486c
Frame ID: F6CF98CECE5FCA5A22415319582C176A
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/2633d3da-2713-4fb1-8111-f5d1d21502fe
Frame ID: EEAE66F8994D814CE890020140BBF802
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/eb6feac0-8804-4612-bbf9-dfccdef4e4e9
Frame ID: C80693B68702C1297E2FE66D1863BBD4
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.newsobserver.com/6b72303b-02cb-4ffc-8c12-94b7f32d15af
Frame ID: 219BB70F558259116A5BC170333D7320
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://newsobserver.com/ HTTP 301
https://www.newsobserver.com/ Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

157
Requests

73 %
HTTPS

29 %
IPv6

32
Domains

55
Subdomains

38
IPs

5
Countries

3263 kB
Transfer

7938 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://newsobserver.com/ HTTP 301
https://www.newsobserver.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a HTTP 302
https://cds.connatix.com/p/257620/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a

Request Chain 96

https://js.matheranalytics.com/s/ma12095/74930332/all/ml.js?cb=1622 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js

157 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.newsobserver.com/
Redirect Chain

https://newsobserver.com/
https://www.newsobserver.com/

190 KB
24 KB

797ms
670ms

Document
text/html

104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e19721651ab51d473870ef17c5bff5896be07c47d555503bf09447ef314c53eb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 22926
content-type: text/html;charset=utf-8
date: Mon, 17 Apr 2023 13:06:38 GMT
etag: W/"2f769-zi3MBjAKIgbYHyqOQLVB5O9gFQY"
expires: Mon, 17 Apr 2023 13:06:38 GMT
last-modified: Mon, 17 Apr 2023 13:05:07 GMT
mi-api: WPS
mi-cache: HIT
mi-cache-age: 90
pragma: no-cache
server: MI
server-timing: ak_p; desc="467149_1490933439_889520621_64599_9017_11_0";dur=1
surrogate-control: varnish=ESI/2.1
vary: Accept-Encoding
x-akamai-transformed: 9 22739 0 pmb=mTOE,4
x-mi-in-market: 0
x-proxy-forwarding-type: BlackList
x-varnish: 815702653, 6236256 8499711

Redirect headers

Connection: Keep-Alive
Content-Length: 237
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 17 Apr 2023 13:06:37 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.newsobserver.com/
Server: Apache

GET
H2 200 newsobservercore.js Show response
www.newsobserver.com/no-bziylos/ 273 KB
75 KB 203ms
202ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 0137d038d24a70183ea1467d7f3210a388e342535d4aef6ce0977a1a4a5a359b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 227
server-timing: ak_p; desc="467149_1490933439_889522130_13702_7518_11_0";dur=1
content-length: 76627
last-modified: Thu, 13 Apr 2023 21:41:39 GMT
server: MI
etag: W/"44468-5f93e96edaac0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 995657542, 97749834 84610551
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=282
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 vendor.bundle-e8bf89b42a8198ff411c.js Show response
www.newsobserver.com/wps/build/webpack/ 99 KB
34 KB 93ms
92ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/vendor.bundle-e8bf89b42a8198ff411c.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 70944
server-timing: ak_p; desc="467149_1490933439_889522170_1605_6659_11_0";dur=1
content-length: 34371
last-modified: Wed, 12 Apr 2023 15:39:37 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"18ca4-187761f52a8"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1005853110, 120511860 106551346
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=579710
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-325cb502abf5181a4183.js Show response
www.newsobserver.com/wps/build/webpack/ 8 KB
3 KB 96ms
95ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-header.bundle-325cb502abf5181a4183.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2713c7f23a5c9ecc5665c7d755c559d9be4104bf57fb273c1019511ddedd3588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 388710
server-timing: ak_p; desc="467149_1490933439_889522171_1601_6690_11_0";dur=1
content-length: 2841
last-modified: Mon, 27 Mar 2023 17:27:42 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2147-187241c86b0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 483126522, 640695335 307238004
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=90914
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 43ms
18ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03c5168b9326913b1e13b493a67a64a7fd5d153a25ec7a68ea5de5f13dae5722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 13:06:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 13:06:38 GMT

GET
H2 200 mi-styles.687f76e8eb118b9210fb.css
www.newsobserver.com/wps/build/webpack/css/ 217 KB
46 KB 97ms
97ms Stylesheet
text/css 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.687f76e8eb118b9210fb.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8e6cf02b45fd93e64d2a3f7fb14f6f5f9e7856390ee7472de109dbd07dd78e7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 85
server-timing: ak_p; desc="467149_1490933439_889522169_1715_6495_11_0";dur=1
content-length: 46673
last-modified: Fri, 07 Apr 2023 11:40:40 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"362e3-1875b84c2c0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 955180642, 772826999 777442059
content-type: text/css;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=160950
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H/1.1 200
OK style.css
mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/ 64 B
488 B 332ms
117ms Stylesheet
text/css 3.5.28.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/style.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.28.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4bc5c40c719fdc3bcf4b05cf341d262c15237c33140439bb1585f3228f8bfb8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 13:06:39 GMT
Last-Modified: Wed, 12 Apr 2023 23:21:35 GMT
Server: AmazonS3
x-amz-request-id: BR0T0E2A5C1JYNZ0
ETag: "2564e08f79012936ef68f704939bf664"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 64
x-amz-id-2: XOf6qoIG9np0myeOCssQFA35wEDCzfM1xqVn6RNha1CU5fRAgNDTwhUSLlU/3OWSKyKhzkO8YNHm158LdDsuLPviE7pENs8qlcfBzWP2mtI=

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 38ms
16ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4e69c68f5c5b6c87b4b0437ddce158f64c43653e489a7f0731492243ea115ad7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Mon, 17 Apr 2023 13:06:38 GMT

GET
H2 200 1b9bd4c Show response
www.newsobserver.com/akam/13/ 26 KB
10 KB 43ms
42ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/13/1b9bd4c
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 98c487b9751731fd98bb870a62626fe184d8327cbafdf00349ad4f6fc34fead1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
server-timing: ak_p; desc="467149_1490933439_889522667_786_4489_15_0";dur=1
content-length: 8776
pragma: no-cache
last-modified: Wed, 09 Feb 2022 15:06:15 GMT
etag: "135da52d8ace7095899627c27eff4c3da9b0b6f8145042bcbec0e011f971ca70"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Mon, 17 Apr 2023 13:06:38 GMT

GET
H2 200 logo.svg
www.newsobserver.com/wps/build/images/newsobserver/ 4 KB
2 KB 41ms
39ms Image
image/svg+xml 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/build/images/newsobserver/logo.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3081cd5942a29f59f16b662f9487cdb95dc4473722804097a0d697bd72fb1693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 75922
server-timing: ak_p; desc="467149_1490933439_889522682_352_8633_15_0";dur=1
content-length: 1605
last-modified: Mon, 27 Mar 2023 17:27:42 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"10fe-187241c86b0"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 517626285, 583694973 574923759
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=447765
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 favicon-96.png
www.newsobserver.com/wps/build/images/newsobserver/ 2 KB
2 KB 41ms
39ms Image
image/png 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/build/images/newsobserver/favicon-96.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b3fade7f40077dbf91f4dafb3cb005a98b14eb081e557321e7a567cb794b35c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 324107
server-timing: ak_p; desc="467149_1490933439_889522684_414_11307_15_0";dur=1
content-length: 2093
last-modified: Mon, 27 Mar 2023 17:27:42 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"82d-187241c86b0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 751594227, 443654417 120506749
content-type: image/png;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=92433
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 logo-tab.svg
www.heraldsun.com/wps/build/images/heraldsun/ 7 KB
4 KB 262ms
27ms Image
image/svg+xml 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/wps/build/images/heraldsun/logo-tab.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 8b4bf46a7ee17fa868ac3a6ed47a74783271577c926748bcdbe6327921fca200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 29696
server-timing: ak_p; desc="467149_1490933439_889523118_722_6952_11_0";dur=1
content-length: 3240
last-modified: Mon, 27 Mar 2023 17:27:42 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"1c45-187241c86b0"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 502671285, 352809676 348314385
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=404574
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 square-icon.svg
www.heraldsun.com/wps/build/images/heraldsun/ 2 KB
2 KB 262ms
28ms Image
image/svg+xml 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heraldsun.com/wps/build/images/heraldsun/square-icon.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 583365753b0cc7d65fa510a1d9bbe90bb50647ad28a11e45891f1e6d793dbcc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 446112
server-timing: ak_p; desc="467149_1490933439_889523119_725_7144_11_0";dur=1
content-length: 1072
last-modified: Mon, 27 Mar 2023 17:27:42 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"868-187241c86b0"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 764058098, 1000617207 572525858
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=257804
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 badge-rb.svg
media.mcclatchy.com/static/images/logos/ 4 KB
4 KB 949ms
817ms Image
image/svg+xml 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.mcclatchy.com/static/images/logos/badge-rb.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 02e1948e54c1b23b0d5e5a5ed4cdac9a923a50af0d6f0cc459201ec903ca76c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
last-modified: Fri, 27 Jan 2023 19:41:07 GMT
server: Apache
etag: "ff3-5f3440bf65e58"
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4083

GET
H2 200 icon-rb.svg
media.mcclatchy.com/static/images/logos/ 1012 B
1 KB 582ms
450ms Image
image/svg+xml 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.mcclatchy.com/static/images/logos/icon-rb.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ad027b5063a7e692442a0ac1728160f7e6f8a2723e844235ed73527a9efbf2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
last-modified: Fri, 27 Jan 2023 19:41:07 GMT
server: Apache
etag: "3f4-5f3440bf73b5c"
vary: Origin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1012

GET
H2 200 mastheadPage.bundle-f12ba010901bb2c7f092.js Show response
www.newsobserver.com/wps/build/webpack/ 91 KB
32 KB 22ms
22ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mastheadPage.bundle-f12ba010901bb2c7f092.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1dc55e0f9a43bf2a2252433d23a6c7c7cf08fd9782877f6bef134032944781a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 45
server-timing: ak_p; desc="467149_1490933439_889522458_23_9729_12_0";dur=1
content-length: 32508
last-modified: Mon, 27 Mar 2023 17:27:49 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"16aca-187241ca208"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 429920120, 238967874 260409569
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=500099
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mi-footer.bundle-9e59a31b822d120051b7.js Show response
www.newsobserver.com/wps/build/webpack/ 8 KB
3 KB 60ms
58ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/mi-footer.bundle-9e59a31b822d120051b7.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 764df958623e81ae49b597536c4f788d01b6d7d5b6fa5933868a4fd691e379df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 483535
server-timing: ak_p; desc="467149_1490933439_889522685_1221_7470_15_0";dur=1
content-length: 2925
last-modified: Mon, 27 Mar 2023 17:27:42 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2137-187241c86b0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 526236251, 609192351 144855227
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=342088
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videoLoader.bundle-a5f25964b2016c0e8f41.js Show response
www.newsobserver.com/wps/build/webpack/ 217 KB
71 KB 38ms
36ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/videoLoader.bundle-a5f25964b2016c0e8f41.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 5c01ca88c3fb2e18378931dd13853095945845058ad9714dca2fad4664146d09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 205
server-timing: ak_p; desc="467149_1490933439_889522686_305_7195_15_0";dur=1
content-length: 72320
last-modified: Wed, 12 Apr 2023 14:09:50 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"36271-18775cd1fb0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 752936524, 138625800 128250519
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=178005
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 footer.bundle-1f06f5f8ac3bfe589066.js Show response
www.newsobserver.com/wps/build/webpack/ 10 KB
3 KB 22ms
22ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/build/webpack/footer.bundle-1f06f5f8ac3bfe589066.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 430431
server-timing: ak_p; desc="467149_1490933439_889522638_179_7847_17_0";dur=1
content-length: 2570
last-modified: Mon, 27 Mar 2023 17:27:42 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"284c-187241c86b0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 745728606, 695807447 335035630
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=171462
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 8ee3a1e2-d3bc-4a38-b4ed-94256d6ca32e Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/8ee3a1e2-d3bc-4a38-b4ed-94256d6ca32e
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8defae8288a8c4bf7087a2f75db9f86f556aca4ca84b43170252d55e978ca832

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK f53da431-078f-4a06-b88c-a74b6f79b2df Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/f53da431-078f-4a06-b88c-a74b6f79b2df
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a73748e95d0cc8eaf4273f4a478f6f340e70a4d5aa1c36109a820717cfb655e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 9ebf1b79-22e3-4a54-b068-ee016cc4933f Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/9ebf1b79-22e3-4a54-b068-ee016cc4933f
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32929c5fa3c0615211044cc5a7837357059d972579032cd5617e55c0df73e726

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK d89b4e15-9cba-4ec6-8b35-3995b860ec6e Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/d89b4e15-9cba-4ec6-8b35-3995b860ec6e
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bb2f1bbd174b9945bdbf13afc62fe0256adcf03d5a4ae7d05ac40f56a990d49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 226ms
188ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.newsobserver.com
access-control-max-age: 1800
date: Mon, 17 Apr 2023 13:06:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-643d445e-6f93a9a5727c2bd44cca544b
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220043-HHN
x-timer: S1681736799.890685,VS0,VE178

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 692 B
557 B 233ms
232ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a168ac386a0db6c25726115bc365ddf398d9ce224d298713124d844c9f94406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiJjYThiNTU4YS00MDdjLTQ3MDktOGFhYi05MGZjYjZlZjY0OWMiLCJ1c2VyX3Byb3BlcnRpZXMiOnsiYnVzaW5lc3NfdW5pdCI6Ik5BTyIsImNhbm9uaWNhbF91cmwiOiJodHRwczovL3d3dy5uZXdzb2JzZXJ2ZXIuY29tLyIsImNtc19pZCI6IkhvbWVwYWdlOjcwNDEiLCJjb250ZW50X3NlcnZpY2UiOiJQcm9kdWN0OiBFc2NlbmljIiwiZnVsbF91cmwiOiJodHRwczovL3d3dy5uZXdzb2JzZXJ2ZXIuY29tLyIsImhhc19mb2N1cyI6InllcyIsInBhZ2VfbGV2ZWwiOiJIb21lIiwicGFnZV9uYW1lIjoiSG9tZTpIb21lcGFnZSIsInBhZ2VfcGF0aCI6Ii8iLCJwdWJsaWNhdGlvbl9uYW1lIjoiTmV3cyBhbmQgT2JzZXJ2ZXIiLCJyZWZlcnJpbmdfaG9zdCI6Im5vX3JlZmVycmVyIiwic2VjdGlvbiI6IkhvbWVwYWdlIiwic2VydmVyIjoid3d3Lm5ld3NvYnNlcnZlci5jb20iLCJ0YXhvbm9teSI6Il9Ib21lUGFnZXx8fHwiLCJ1cmwiOiJodHRwczovL3d3dy5uZXdzb2JzZXJ2ZXIuY29tLyIsImRldmljZV9wbW9kZSI6Im5vdF9yZWFkeSIsImRldmljZV9vcmllbnRhdGlvbiI6InVuc3VwcG9ydGVkIiwiZGV2aWNlX3NjcmVlbl9zaXplIjoiMTYwMHgxMjAwIiwibG9nZ2VkX2luIjpmYWxzZSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTIuMC41NjE1LjQ5IFNhZmFyaS81MzcuMzYifX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 423
x-served-by: cache-hhn-etou8220043-HHN
x-timer: S1681736799.081291,VS0,VE224
x-amzn-trace-id: Root=1-643d445f-48763ad90e80d0f010d5dc04
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk Show response
flowerstreatment.com/ 60 KB
22 KB 69ms
24ms Script
text/javascript 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://flowerstreatment.com/v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

8fb593e89d5b62a01be71b389a582abb6d3f2a2ac867baf6465cc144a99f0a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Mon, 17 Apr 2023 13:06:38 GMT
x-datacenter: gce-europe-west1
etag: "cc3b65f8826b8795e273a20b6df657ff7f1d04bbde43f8851c9d459e40cf0a0c"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-b8mh
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 832971200
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 danelei.49d20c7fcf0706a0eead.js Show response
www.newsobserver.com/no-bziylos/ 9 KB
3 KB 39ms
38ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/no-bziylos/danelei.49d20c7fcf0706a0eead.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/8ee3a1e2-d3bc-4a38-b4ed-94256d6ca32e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 790fe5c18e56222c9f6da2eae2875d1b8d9e2283fa9a24ec4cc8294e886f05bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 782
server-timing: ak_p; desc="467149_1490933439_889522687_334_7292_15_0";dur=1
content-length: 2566
last-modified: Thu, 13 Apr 2023 21:41:33 GMT
server: MI
etag: W/"2395-5f93e96921d40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 23200817, 187826551 173526307
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=291246
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 netdale.b950b1ecfee41b1148b0.js Show response
www.newsobserver.com/no-bziylos/ 88 KB
26 KB 58ms
57ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/no-bziylos/netdale.b950b1ecfee41b1148b0.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/f53da431-078f-4a06-b88c-a74b6f79b2df
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 96452c8ee01497a5e6503345fa017b1108180f46788f6168162a3c337420d747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 781
server-timing: ak_p; desc="467149_1490933439_889522688_1206_7494_15_0";dur=1
content-length: 26510
last-modified: Thu, 13 Apr 2023 21:41:33 GMT
server: MI
etag: W/"15f68-5f93e96921d40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 24936729, 186778074 175835955
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=291288
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 activation_tag.js Show response
tags.pw.adn.cloud/2NYPOH/ 143 KB
40 KB 471ms
435ms Script
text/javascript 2606:4700::6812:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.pw.adn.cloud/2NYPOH/activation_tag.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/9ebf1b79-22e3-4a54-b068-ee016cc4933f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbe1c99c5250bcc7a5bf21f38854bb77541ba605f39ed01e3b62d430838b1139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
last-modified: Thu, 13 Apr 2023 10:35:47 GMT
server: cloudflare
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
etag: W/"993cd88884190f5b5b9c983f8ff6fb21"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, s-maxage=30, max-age=300
cf-ray: 7b94e2f16ca36961-FRA
x-amz-cf-id: rKtWLgBd96ikhu1gmeI2ltuvBVX5SRIzJs6_fUHLIXwzjBZW1TYZ7Q==

GET
H2 200 script.js Show response
i086.newsobserver.com/ 132 KB
40 KB 245ms
12ms Script
text/javascript 2600:9000:223e:3600:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i086.newsobserver.com/script.js

Requested by

Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/d89b4e15-9cba-4ec6-8b35-3995b860ec6e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:3600:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

fa61d94d56ad7f5958549b409634aee71dda4fe06594a358ca5c826c2f2c5b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P4
age: 57
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 40689
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Apr 2023 13:05:35 GMT
server: -
etag: 9fa29e27f4e01e3f2dea88dc4435b7eb
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: zlWx-vXFgmEFnpZ2fxoMA8IFFCfCL8nR11ZipqDVa5uqjmbegvwSxw==
expires: Mon, 17 Apr 2023 13:15:42 GMT

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 558ms
182ms Preflight 34.211.209.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.209.234 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-209-234.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Mon, 17 Apr 2023 13:06:39 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
287 B 196ms
195ms Fetch
application/json 34.211.209.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.209.234 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-209-234.us-west-2.compute.amazonaws.com

Software

Resource Hash

0023ead8fe6e4d37f8a0074c497a5e93c9a94c4dab8096920567775b364d55c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 17 Apr 2023 13:06:39 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-643d445f-60e8c2d3209dad4e1874b08d
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/257620/ Frame D802
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
https://cds.connatix.com/p/257620/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a

1 MB
265 KB

66ms
43ms

Script
application/javascript

172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/257620/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 592e800443163f8bd7186c066d8e53a29a35c06fd5b2bde3bb1b9b3cb022cffa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-amz-version-id: h5FjS3FXXEqvk6802BAMJ670Vsv.X3EF
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 14 Apr 2023 16:04:21 GMT
server: cloudflare
etag: W/"523a1916227655224a0d9b0ee9951373"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7b94e2f2feeb366c-FRA
access-control-allow-headers: range
expires: Tue, 16 Apr 2024 13:06:39 GMT

Redirect headers

date: Mon, 17 Apr 2023 13:06:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
location: https://cds.connatix.com/p/257620/connatix.player.dc.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7b94e2f17cdb366c-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wxicons-blk-2.svg
www.newsobserver.com/wps/source/images/widgets/weather/wxicons-blk/ 2 KB
1 KB 41ms
41ms Image
image/svg+xml 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/wps/source/images/widgets/weather/wxicons-blk/wxicons-blk-2.svg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fe8e8325cca37fc986268bab20aa134722a066dc93347d824b0f989b9a94e023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 275902
server-timing: ak_p; desc="467149_1490933439_889522715_1647_11964_12_0";dur=1
content-length: 675
last-modified: Wed, 12 Apr 2023 14:05:13 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"6a4-18775c8e5a8"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 955710507, 259394168 142910588
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=457308
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
13 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:39:22 GMT
x-content-type-options: nosniff
age: 527236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:39:22 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 30ms
10ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:39:41 GMT
x-content-type-options: nosniff
age: 527217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:39:41 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 17:21:02 GMT
x-content-type-options: nosniff
age: 243936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 17:21:02 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v21/ 27 KB
27 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:44:41 GMT
x-content-type-options: nosniff
age: 526917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27456
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:10:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:44:41 GMT

GET
H2 200 fontawesome-webfont.woff2
www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/ 55 KB
56 KB 38ms
38ms Font
font/woff2 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.687f76e8eb118b9210fb.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Referer: https://www.newsobserver.com/wps/build/webpack/css/mi-styles.687f76e8eb118b9210fb.css
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:38 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1483
server-timing: ak_p; desc="467149_1490933439_889522788_1802_8007_11_0";dur=1
content-length: 56780
last-modified: Wed, 12 Apr 2023 15:36:39 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"ddcc-187761c9b58"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 961991067, 50829170 33274165
content-type: font/woff2;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=103
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 noncompete.png
www.newsobserver.com/latest-news/k8nek2/picture274339990/alternates/LANDSCAPE_768/ 148 KB
148 KB 41ms
38ms Image
image/png 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/k8nek2/picture274339990/alternates/LANDSCAPE_768/noncompete.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e1864720d437de16319c804c40ef9560cef8c54b4bc86c8c08fa926a7ee286e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 9748
server-timing: ak_p; desc="467149_1490933439_889522842_24_8013_11_0";dur=1
content-length: 151055
last-modified: Fri, 14 Apr 2023 23:15:10 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "186994903c58320ffddd9ddd4ac1b70f"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 72617045 66326317
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=601632
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 N%26O%20Breaking%20Crime%20News-school%20threat.png
www.newsobserver.com/latest-news/80ksf6/picture274393005/alternates/LANDSCAPE_768/ 369 KB
371 KB 22ms
19ms Image
image/png 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/80ksf6/picture274393005/alternates/LANDSCAPE_768/N%26O%20Breaking%20Crime%20News-school%20threat.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a9ceed07a4f2a68137f9c01a8450702246a2b70a3f392c27533a44134977affb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1536
server-timing: ak_p; desc="467149_1490933439_889522843_28_7098_11_0";dur=1
content-length: 378323
last-modified: Mon, 17 Apr 2023 11:34:17 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "ea3687e57fa92051169841f5083655c3"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 7543904, 130227112 126293733
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=601518
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 IMG-5116.jpg
www.newsobserver.com/latest-news/6gfdgr/picture274375765/alternates/LANDSCAPE_768/ 47 KB
47 KB 39ms
36ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/6gfdgr/picture274375765/alternates/LANDSCAPE_768/IMG-5116.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e36940a2768b869ec60dad91310bb682ce30a85289f4f1bc4d6d0c34baf748c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 420
server-timing: ak_p; desc="467149_1490933439_889522844_108_6764_11_0";dur=1
content-length: 47913
last-modified: Sun, 16 Apr 2023 15:37:57 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "2832c3aa7f6e8467325904c5f6000cf4"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 121227731 129048402
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597788
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 101122-CooperBethesdaElementary-KLM-01.jpg
www.newsobserver.com/latest-news/c164x8/picture267154661/alternates/LANDSCAPE_768/ 44 KB
45 KB 43ms
40ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/c164x8/picture267154661/alternates/LANDSCAPE_768/101122-CooperBethesdaElementary-KLM-01.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4d97412074c14efa6b9d69702dcac443ae93e9f091361903f5755af797d6533d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2272
server-timing: ak_p; desc="467149_1490933439_889522845_410_8006_11_0";dur=1
content-length: 45566
last-modified: Wed, 12 Oct 2022 00:41:55 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "47ae0f2c93cad8f0a9d922f09176190a"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1053132170, 206998694 207847466
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=374730
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 k8dk8q89.MECCA.BZ.100308.RTW.JPG
www.newsobserver.com/latest-news/asaqkt/picture274319880/alternates/LANDSCAPE_768/ 28 KB
29 KB 21ms
19ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/asaqkt/picture274319880/alternates/LANDSCAPE_768/k8dk8q89.MECCA.BZ.100308.RTW.JPG
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 20beaad16f5b9b79ed5f2901613a93c298fc05d0f0b587499c6848f62486d92c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1272
server-timing: ak_p; desc="467149_1490933439_889522846_29_7054_11_0";dur=1
content-length: 28679
last-modified: Fri, 14 Apr 2023 15:08:09 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "03bfeaddce2192ea98cd27cdaf72a63a"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 50352339 39800149
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=360282
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 USATSI_20380308.jpg
www.newsobserver.com/latest-news/ns1k5h/picture273889830/alternates/LANDSCAPE_768/ 56 KB
57 KB 51ms
48ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/ns1k5h/picture273889830/alternates/LANDSCAPE_768/USATSI_20380308.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9c55c6cbc78b72675da89f7bcb675bfd71623cf622ae46b62d1b4ddbc3640f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2754
server-timing: ak_p; desc="467149_1490933439_889522852_91_9253_11_0";dur=1
content-length: 57733
last-modified: Mon, 03 Apr 2023 00:40:54 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "093d6c6fd0b8f7a919392537d4360eb1"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 180260018 168695712
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=358393
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 UnderTheDome-Logo1080.png
www.newsobserver.com/latest-news/uebzac/picture266736556/alternates/LANDSCAPE_768/ 398 KB
399 KB 44ms
42ms Image
image/png 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/uebzac/picture266736556/alternates/LANDSCAPE_768/UnderTheDome-Logo1080.png
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 908077d113b03deb3a26f2f4bc601a1959cf1ee8c07b9c2cf82b52bcbb091d37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 294691
server-timing: ak_p; desc="467149_1490933439_889522854_103_6449_11_0";dur=1
content-length: 407160
last-modified: Mon, 03 Oct 2022 08:47:02 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "c9d3c48445d640e05071ce9cbd550fac"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 17469092, 256778733 114427274
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=341294
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 CANESSENATORS-SP-040423-RTW_15.jpg
www.newsobserver.com/latest-news/dtopme/picture273977950/alternates/LANDSCAPE_768/ 33 KB
34 KB 49ms
47ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/dtopme/picture273977950/alternates/LANDSCAPE_768/CANESSENATORS-SP-040423-RTW_15.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: a94af1c51b8380125d20e1038f7319616be7ffb52d4fe3732f4cdf367949442f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 482
server-timing: ak_p; desc="467149_1490933439_889522855_97_8748_11_0";dur=1
content-length: 33989
last-modified: Wed, 05 Apr 2023 03:54:26 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "d57a46bdf25cc48aa4a6a97b9b621a54"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 6684687 2133757
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=594145
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 3af19d19-905d-4f62-9d69-80b42453b87c.jpeg
www.newsobserver.com/latest-news/xj5ijp/picture273022960/alternates/LANDSCAPE_768/ 63 KB
63 KB 54ms
52ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/xj5ijp/picture273022960/alternates/LANDSCAPE_768/3af19d19-905d-4f62-9d69-80b42453b87c.jpeg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e8cb4665ee266842152260947e23cf0d7183e7fc9a0d305cdd0a7b47b25166b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2362
server-timing: ak_p; desc="467149_1490933439_889522856_722_8306_11_0";dur=1
content-length: 64205
last-modified: Sat, 08 Apr 2023 11:45:01 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "f5baf77c0be9663bbf64c6122dd0016f"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 1044352107 1041277492
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=420962
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 CANESSENATORS-SP-040423-RTW_1.jpg
www.newsobserver.com/latest-news/wla9ya/picture273977915/alternates/LANDSCAPE_768/ 60 KB
60 KB 47ms
45ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/wla9ya/picture273977915/alternates/LANDSCAPE_768/CANESSENATORS-SP-040423-RTW_1.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6e6ce075027f897a6f6cfe0ce6190ccff3a5197b189cc328a83e884e9e1383fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 29604
server-timing: ak_p; desc="467149_1490933439_889522857_195_6396_11_0";dur=1
content-length: 61349
last-modified: Wed, 05 Apr 2023 03:53:34 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "999eb6df6a9445d9391b586826294d88"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 591554085, 265242804 261045017
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=120466
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 jc11.jpg
www.newsobserver.com/latest-news/zlvn5/picture273892090/alternates/LANDSCAPE_768/ 25 KB
26 KB 87ms
85ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/zlvn5/picture273892090/alternates/LANDSCAPE_768/jc11.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: e42afa934c4337a24f413b58ed086424693c96b6bc93e0423fea89ee0ea8828e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 391
server-timing: ak_p; desc="467149_1490933439_889522858_5696_7712_12_0";dur=1
content-length: 25876
last-modified: Mon, 03 Apr 2023 14:33:25 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "56758c278c85afbd6fa55135873fc6e1"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 2727137 1069237169
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=533637
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 040823-NCSTATE.SPRING.FOOTBALL-KLM-01.jpg
www.newsobserver.com/latest-news/6pk7af/picture274118620/alternates/LANDSCAPE_768/ 47 KB
48 KB 61ms
60ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/latest-news/6pk7af/picture274118620/alternates/LANDSCAPE_768/040823-NCSTATE.SPRING.FOOTBALL-KLM-01.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4bb5f60ceb5016a06e5b4f79d8d1444d4c473fcc6915bd59f6d8c9fef1a9f0e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 27725
server-timing: ak_p; desc="467149_1490933439_889522859_1076_6395_11_0";dur=1
content-length: 48321
last-modified: Sat, 08 Apr 2023 19:53:04 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "604f8f67516f8d75938a2d4e57dff6a3"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 455754867 453268694
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=404806
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 a09cb561-9ba7-4a74-91e2-11985929f2b1
www.mcclatchy-wires.com/incoming/ntf7mi/picture274395065/alternates/LANDSCAPE_768/ 65 KB
66 KB 1161ms
925ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/ntf7mi/picture274395065/alternates/LANDSCAPE_768/a09cb561-9ba7-4a74-91e2-11985929f2b1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9af8abbfa30c640450f16d2b8aaa72ead3f0fef3082cccd4ea8b9c5756c18f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:40 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 114
server-timing: ak_p; desc="467149_1490933439_889523298_89439_7724_15_0";dur=1
content-length: 66571
last-modified: Mon, 17 Apr 2023 13:03:21 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "0ae1b951e60926a204bdde2e0a7659ca"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 7548818 3097792
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604786
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 nyse_3.jpg
www.mcclatchy-wires.com/incoming/xzodnr/picture259259455/alternates/LANDSCAPE_768/ 54 KB
55 KB 277ms
41ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-wires.com/incoming/xzodnr/picture259259455/alternates/LANDSCAPE_768/nyse_3.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1fbe966147fd95ebbe7fbe0112c0d94b831b6a831f9cb985e84886246f4a6388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 104
server-timing: ak_p; desc="467149_1490933439_889523299_572_8219_11_0";dur=1
content-length: 55438
last-modified: Mon, 17 Apr 2023 10:14:48 GMT
x-proxy-forwarding-type: WhiteList
server: MI
etag: "4b00ccd2dbbdc3ea06cc0f04c41e8727"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 498543241, 49538050 62543059
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=594623
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 32000%20bed%20with%20prop%203000%20x1650.jpg
www.mcclatchy-partners.com/incoming/1xcwkp/picture274210900/alternates/LANDSCAPE_768/ 20 KB
21 KB 660ms
27ms Image
image/jpeg 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mcclatchy-partners.com/incoming/1xcwkp/picture274210900/alternates/LANDSCAPE_768/32000%20bed%20with%20prop%203000%20x1650.jpg
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9b3a87571539eef97e9c7f705f532fea1f37fd363f0b093edc82e69f5a433580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 856
server-timing: ak_p; desc="467149_1490933439_889524005_213_8010_16_0";dur=1
content-length: 20519
last-modified: Tue, 11 Apr 2023 18:49:47 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "2412bd0485de715420d559447c8c170b"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 574265776, 917844584 910976458
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=108329
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 87ad898b-e13c-49a5-920c-6d7559dbda63 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/87ad898b-e13c-49a5-920c-6d7559dbda63
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a57f2e736aa6c732a41bccaa3688dee929153db4fa8995d2c56fdc7438d7d80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK b35e7109-456c-42c4-80ae-6dd646e0afa9 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/b35e7109-456c-42c4-80ae-6dd646e0afa9
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b4ebc1f151ddf543d53a392ed36684804df7991894c62f081baeb40bc9701ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 6df59813-25c9-47b5-bf04-f43de2cca59a Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/6df59813-25c9-47b5-bf04-f43de2cca59a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc32eababe2a5299e8a735ab3ec121f728e38bba46bee509723836a4564d1eca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 5c3f5ad1-88fd-4e77-9391-e3ad35e2ae20 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/5c3f5ad1-88fd-4e77-9391-e3ad35e2ae20
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f26b4f32d9bf2225fe85b430f2e566b5bd58feb48357f056098747da1407144

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 914efa45-845d-4088-892d-ff78359157aa Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/914efa45-845d-4088-892d-ff78359157aa
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0bc2d854c09f7f94305bbeaa5799f99a81d88687d832f603ff518615af8c125

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ 409 KB
165 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsobserver.com/
Origin: https://www.newsobserver.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 11:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168106
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 11:55:34 GMT

GET
H2 200 cnx.00bd894ce27503b8f049.js Show response
www.newsobserver.com/no-bziylos/ 4 KB
2 KB 51ms
51ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/no-bziylos/cnx.00bd894ce27503b8f049.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/87ad898b-e13c-49a5-920c-6d7559dbda63
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: aa171daf12bb21cf4a1a99b654359fd1e0956d7e3394445a9b940bbc81112486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 323
server-timing: ak_p; desc="467149_1490933439_889523220_2331_10420_11_0";dur=1
content-length: 1585
last-modified: Thu, 13 Apr 2023 15:18:18 GMT
server: MI
etag: W/"10fc-5f9393bf64280"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 7187679, 170374375 164027651
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=267899
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 suggestedContent.3b97301c6ef5f7b63022.js Show response
www.newsobserver.com/no-bziylos/ 7 KB
3 KB 62ms
61ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/no-bziylos/suggestedContent.3b97301c6ef5f7b63022.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/b35e7109-456c-42c4-80ae-6dd646e0afa9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1d6eb9af0120fb32e723c9909b0595f2bdb6fa3676a749bd26dc76f02fd55667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 785
server-timing: ak_p; desc="467149_1490933439_889523263_1463_7888_11_0";dur=1
content-length: 2415
last-modified: Thu, 13 Apr 2023 21:41:33 GMT
server: MI
etag: W/"1c9e-5f93e96921d40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 989015340, 91361872 98271774
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=291358
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 performance.1bbc4336f8d077cc89ca.js Show response
www.newsobserver.com/no-bziylos/ 7 KB
3 KB 47ms
46ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/no-bziylos/performance.1bbc4336f8d077cc89ca.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/6df59813-25c9-47b5-bf04-f43de2cca59a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d06fa419eb1b5abed2803a1282dc4d7f9565e48e77277bcaac91209d7d392295

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 328
server-timing: ak_p; desc="467149_1490933439_889523264_593_6823_11_0";dur=1
content-length: 2583
last-modified: Thu, 13 Apr 2023 15:18:18 GMT
server: MI
etag: W/"1d9f-5f9393bf64280"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 973944433, 53061536 57281150
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=268011
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 quarantine.afca0552e181a40e169f.js Show response
www.newsobserver.com/no-bziylos/ 29 KB
11 KB 46ms
45ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/no-bziylos/quarantine.afca0552e181a40e169f.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/5c3f5ad1-88fd-4e77-9391-e3ad35e2ae20
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 2ba392aec26b19018ccd66b2310db5d87f1e71b9d93174419d3d8db6387043a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 781
server-timing: ak_p; desc="467149_1490933439_889523265_605_6419_11_0";dur=1
content-length: 10663
last-modified: Thu, 13 Apr 2023 21:41:33 GMT
server: MI
etag: W/"748d-5f93e96921d40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 172268036 177583086
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=291308
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 parsely.d714bea4f05e3c34dd13.js Show response
www.newsobserver.com/no-bziylos/ 1 KB
1 KB 59ms
59ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/no-bziylos/parsely.d714bea4f05e3c34dd13.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/914efa45-845d-4088-892d-ff78359157aa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 87057d218a6dcaa930f27abf863b80a30c2a4b12f89f072bd2d5904fc023f887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1398
server-timing: ak_p; desc="467149_1490933439_889523266_1587_6425_11_0";dur=1
content-length: 617
last-modified: Thu, 13 Apr 2023 13:09:33 GMT
server: MI
etag: W/"4b9-5f9376f841d40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 1100155 7806005
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=261226
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 200 userprofile
profile-api.amplitude.com/v1/ Frame 0
0 584ms
183ms Preflight 54.212.18.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=ca8b558a-407c-4709-8aab-90fcb6ef649c&get_amp_props=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.212.18.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-212-18-233.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.newsobserver.com
access-control-max-age: 1800
date: Mon, 17 Apr 2023 13:06:39 GMT
server: Jetty(9.4.40.v20210413)
vary: Origin
x-amzn-trace-id: Root=1-643d445f-056ffa302e2c267223506502
x-content-type-options: nosniff

GET
H2 200 userprofile Show response
profile-api.amplitude.com/v1/ 195 B
432 B 192ms
192ms Fetch
application/json 54.212.18.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://profile-api.amplitude.com/v1/userprofile?device_id=ca8b558a-407c-4709-8aab-90fcb6ef649c&get_amp_props=true

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.212.18.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-212-18-233.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.40.v20210413) /

Resource Hash

242d81e3c511acf14d550a82a39ec7c847b2385ed71c1a1be7326701f961ea79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
Authorization: Api-Key 5b9692cfc25dd38c13c7782c17376864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.40.v20210413)
x-amzn-trace-id: Root=1-643d445f-56f3021439d336ad272ce278
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
access-control-allow-credentials: true

GET
BLOB 200
OK 83b5fab1-d558-4cc4-9423-fabb09248923 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/83b5fab1-d558-4cc4-9423-fabb09248923
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92becbbb8a47ec768cbc5158b4e28239578327b574072e683e92191ee1a3fc1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 htlbid.css
htlbid.com/v3/newsobserver.com/ 3 KB
672 B 458ms
410ms Stylesheet
text/css 13.32.27.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/newsobserver.com/htlbid.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/netdale.b950b1ecfee41b1148b0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:40 GMT
content-encoding: br
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 17:37:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"6079441ba3e393b1ed99fc06f4fd2fea"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: iho7TS8zIjgpCx9IlOHsdtzhUAUDKsds8IZHduLQJ3UatOSoyb1HWw==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/newsobserver.com/ 471 KB
126 KB 477ms
429ms Script
application/javascript 13.32.27.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/newsobserver.com/htlbid.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/netdale.b950b1ecfee41b1148b0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49a2c294ac2b124f2ecfe293bd50961f4e1b7d73bb16b8ba3179de4af4bce249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:40 GMT
content-encoding: br
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 17:37:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"fb02541be3d27df1627354201d9e87b5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: IlpxYSLCOHhCXiLBN_YdsUyrIf_fKPX4pASJtdnQ_OeASYVygLMjuw==

GET
BLOB 200
OK bb8c5a74-77f7-4ab8-b3d4-4a61e95b7c7d Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/bb8c5a74-77f7-4ab8-b3d4-4a61e95b7c7d
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a69ddb7d7659bb1766e9b60a001742d8d6a4139add891495ec0876bba5b7bb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 si
capi.connatix.com/tr/ 0
77 B 172ms
147ms Image
application/json 172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=45fdac0d-132d-416d-9337-6dc76d9a7ac7&cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7b94e2f37fa9366c-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
483 B 55ms
8ms Image
image/gif 2600:9000:2127:8800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=xsrmnm_728x90_
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 10:51:51 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2772889
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: h1R_ybuKDmSPckv1fiRxHR6YxukGAhEG1lUHMU3U1XO2EXHE5HCOcQ==

GET
H2 200 cs Show response
mcclatchy.blueconic.net/DG/DEFAULT/ 16 B
704 B 307ms
95ms Script
text/javascript 52.45.98.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.blueconic.net/DG/DEFAULT/cs?&callback=bc_json275

Requested by

Host: i086.newsobserver.com
URL: https://i086.newsobserver.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.98.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-98-71.compute-1.amazonaws.com

Software

- /

Resource Hash

71e24f43aec5bdab071ca314c95fa148c47a6345b2f17192d6f7c1e9daee0ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 get Show response
vi.ml314.com/ 264 B
388 B 74ms
32ms Script
application/javascript 35.201.104.135
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=88280&tk=Sd8Lhw2fKivbawYXOa0sKaCgKxoI2fc6Kjw9Z4GOBSB2s3d&fp=

Requested by

Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/83b5fab1-d558-4cc4-9423-fabb09248923

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Mon, 17 Apr 2023 13:06:39 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sponsored.41c2d2aaffa3f735f203.js Show response
www.newsobserver.com/no-bziylos/ 1 KB
922 B 29ms
28ms Script
application/javascript 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/no-bziylos/sponsored.41c2d2aaffa3f735f203.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/bb8c5a74-77f7-4ab8-b3d4-4a61e95b7c7d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b4e8a7b0c86a2399144c01217ce0302137c7833c0bd36de885db5e8afea9b02a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 2936
server-timing: ak_p; desc="467149_1490933439_889523430_471_7682_19_0";dur=1
content-length: 486
last-modified: Thu, 13 Apr 2023 13:09:33 GMT
server: MI
etag: W/"433-5f9376f841d40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 161163277, 8327200 871438
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=262829
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK aaf45284-a5ba-4a89-ba52-751014db81e1 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/aaf45284-a5ba-4a89-ba52-751014db81e1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de5c183c3f1addeea3bbb49120172a14b74a379ae0399065be93b35b02094201

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK a631bfc5-9204-4117-95bf-07ba3e36fc96 Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/a631bfc5-9204-4117-95bf-07ba3e36fc96
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f17450340f165bdd1bdbf40a96d4e18c98f90f5b76651ba7f9ca1ee421f0d09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK da534cad-16bc-46fc-a54e-ee47c0828ffb Show response
https://www.newsobserver.com/ 380 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/da534cad-16bc-46fc-a54e-ee47c0828ffb
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76c14b698a296a429bc47aaaeb6e4806934e09be0bf34375d7ece5ac1f532306

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 380
Content-Type: [object object]

GET
BLOB 200
OK c2622de1-8143-401d-a244-e22b6e6285fe Show response
https://www.newsobserver.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/c2622de1-8143-401d-a244-e22b6e6285fe
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2949531ef55e92d583ce305b63584daeff14868ad3ba5dc2d0d9bc4904c914de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 053dccc6-97d4-4981-b067-7341e574486c Show response
https://www.newsobserver.com/ Frame F6CF 449 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/053dccc6-97d4-4981-b067-7341e574486c
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b39aac6e708b01212d5d90f030c9418ad131c46ea6f845e46c1652de5ad3fe86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 449
Content-Type: text/javascript

GET
BLOB 200
OK 2633d3da-2713-4fb1-8111-f5d1d21502fe Show response
https://www.newsobserver.com/ Frame EEAE 466 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/2633d3da-2713-4fb1-8111-f5d1d21502fe
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 466
Content-Type: text/javascript

GET
BLOB 200
OK eb6feac0-8804-4612-bbf9-dfccdef4e4e9 Show response
https://www.newsobserver.com/ Frame C806 555 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/eb6feac0-8804-4612-bbf9-dfccdef4e4e9
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c8c947a68522e11e22d26cfa17354fa98089668530f6215849ced631a6aac3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 555
Content-Type: text/javascript

GET
BLOB 200
OK 6b72303b-02cb-4ffc-8c12-94b7f32d15af Show response
https://www.newsobserver.com/ Frame 219B 590 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/6b72303b-02cb-4ffc-8c12-94b7f32d15af
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 590
Content-Type: text/javascript

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 183ms
183ms Preflight 34.211.209.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.209.234 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-209-234.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsobserver.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Mon, 17 Apr 2023 13:06:39 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
287 B 213ms
211ms Fetch
application/json 34.211.209.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.209.234 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-209-234.us-west-2.compute.amazonaws.com

Software

Resource Hash

cfd4f524d36b4f74a0442e7801800fdb7637258095f9cf4b9bd2529fca45e4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 17 Apr 2023 13:06:39 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-643d445f-03f3f17c1e4221990eba3431
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

GET
BLOB 200
OK f017a8b6-c6bc-4685-a4d5-3a431406f39b Show response
https://www.newsobserver.com/ 336 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/f017a8b6-c6bc-4685-a4d5-3a431406f39b
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04bef61df524e9ac313166ae273648bf6f613f25a3e57c63ab3e16fff0ea8dca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 336
Content-Type: [object object]

GET
H2 200 player.css
cds.connatix.com/p/257620/ 64 KB
11 KB 27ms
26ms Stylesheet
text/css 172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/257620/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9edc05982381ab2889031e810fb25a7c87f5587307d4779bb9890cd36fe5189b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-amz-version-id: Lf8Y3xxnGIye6qyXc0upo0XChzTimXJr
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 14 Apr 2023 16:04:21 GMT
server: cloudflare
etag: W/"7145088910d36c8d1fa9433a90dbe70a"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7b94e2f46917366c-FRA
access-control-allow-headers: range
expires: Tue, 16 Apr 2024 13:06:39 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/mcclatchyinteractive-network/ 479 KB
54 KB 51ms
12ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/mcclatchyinteractive-network/loader.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/aaf45284-a5ba-4a89-ba52-751014db81e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e01b46db25fb99dbf5890f92eb5c46329daf0d81fac40fa422e64a5149cc41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: pqNXreeXJ9XYDWgFkt0OlkbxazbLucP9
content-encoding: gzip
via: 1.1 varnish
date: Mon, 17 Apr 2023 13:06:39 GMT
x-amz-request-id: MAWV8SWTXGBCPWN0
age: 22797
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 55238
x-amz-id-2: bu6ocQKxSzVCrSmcSxZmoR1/fqdS5vAV6SOg/BVff+UVf+ohhz/jRsiZZ3vMHkf2Ar/yxEWksag=
x-served-by: cache-fra-eddf8230103-FRA
last-modified: Mon, 17 Apr 2023 06:46:19 GMT
server: AmazonS3
x-timer: S1681736799.459284,VS0,VE1
etag: "9d3a5a0564e0a28d2f287b03ba0e1ce6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 37
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/mcclatchyinteractive-thenewsandobserver/ 64 KB
18 KB 239ms
210ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/mcclatchyinteractive-thenewsandobserver/newsroom.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/a631bfc5-9204-4117-95bf-07ba3e36fc96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1de21c9dad1e1459ec8a4538bf4ae5af953899ecd89301e880d14addadfc566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Mon, 17 Apr 2023 13:06:39 GMT
x-amz-request-id: 1Y5TCMHXEC5EHE9H
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17816
x-amz-id-2: 6CaeDfZLL90YTm70EA2dqpDEvODqhSCYPZxmoWlfnqUd+omRciQJDaDzFwFg2A8IxmIf8o7E0Uw=
x-served-by: cache-hhn-etou8220024-HHN
last-modified: Mon, 23 Jan 2023 19:45:13 GMT
server: AmazonS3
x-timer: S1681736799.453251,VS0,VE200
etag: "12521b7fa4b4f8ee0df71f82c01c34b5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pdp.gif
www.newsobserver.com/no-bziylos/ 42 B
450 B 178ms
178ms Image
image/gif 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/no-bziylos/pdp.gif?k=eyJpZCI6Im1pX3RpX25hb19jYThiNTU4YS00MDdjLTQ3MDktOGFhYi05MGZjYjZlZjY0OWNfMTY4MTczNjc5ODg3NV8xNjgxNzM2Nzk4ODQ2IiwiZG9tSW50ZXJhY3RpdmUiOjIyMDQsInJlcXVlc3RTdGFydCI6MTA4MH0=
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 422067
server-timing: ak_p; desc="467149_1490933439_889523620_14710_8059_16_0";dur=1
content-length: 42
last-modified: Wed, 12 Apr 2023 12:10:27 GMT
server: MI
etag: "2a-5f9227e5112c0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 779779488, 3293565 1966090
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=198027
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 p.js Show response
cdn.parsely.com/keys/newsobserver.com/ 66 KB
23 KB 63ms
25ms Script
application/javascript 65.9.97.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/newsobserver.com/p.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/c2622de1-8143-401d-a244-e22b6e6285fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.97.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-97-61.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: 2ff8dc4161b9a017745c29cdc9594fdff3e16b981f87664a6c3868bf4424ef3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: public
date: Mon, 17 Apr 2023 10:49:16 GMT
content-encoding: gzip
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 18:59:58 GMT
server: nginx
x-amz-cf-pop: PRG50-C1
age: 32011
etag: W/"620d49ae-1070c"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: -VLEfd0SIc4EqL87HAqr_PUTPrvtPOQYQINhTC58SPeyYAK1N8ZvVQ==
expires: Tue, 18 Apr 2023 04:13:08 GMT

GET
BLOB 200
OK e61163f0-e932-458e-8ca6-21521e789071 Show response
https://www.newsobserver.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/e61163f0-e932-458e-8ca6-21521e789071
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72b2317cd22724f82eaa32f4212d46963530bda433e8ffa7b13859127a4414c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 i.js Show response
tag.wknd.ai/3581/ 19 KB
6 KB 66ms
11ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/3581/i.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/053dccc6-97d4-4981-b067-7341e574486c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 55b33a06e228728e062cd0d597eb8a52609d17e7230a60bbfecdb594480a4328

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:02:13 GMT
content-encoding: gzip
via: 1.1 google
age: 266
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5570
server: istio-envoy
etag: 6efa6914028ef8
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame EEAE 4 KB
2 KB 44ms
19ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/2633d3da-2713-4fb1-8111-f5d1d21502fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 07:32:55 GMT
content-encoding: gzip
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 62649
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: Vp3YswOSk28CBAkQ1bewO1PqJ0OjoXDVbhhYs0bCRRB2OsjIjt9n8A==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/10/ Frame C806
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930332/all/ml.js?cb=1622
https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js

147 KB
43 KB

9ms
9ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 292ca9e09a900cde3c17a06720d49db893fc24582958ff8ebad02b22b1a5cbcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 03:34:58 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Nov 2022 21:50:54 GMT
server: nginx
age: 34301
etag: "df0f26567e618c28df8235fe9b93c4ef"
vary: Accept-Encoding
x-cache: HIT Sun, 18 Dec 2022 06:15:12 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43649

Redirect headers

date: Mon, 17 Apr 2023 13:06:39 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 2-gc-europe-west6-8j340994

GET
H/1.1 200
OK fullcontact.js Show response
tags.fullcontact.com/anon/ Frame 219B 35 KB
12 KB 80ms
8ms Script
application/javascript 99.86.4.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fullcontact.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/6b72303b-02cb-4ffc-8c12-94b7f32d15af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 987d5da0ab9202a9c0f62852a6939b618a0c3eb38db24e4d1afb947bbcd98bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 04:52:57 GMT
Content-Encoding: br
Via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
Last-Modified: Wed, 02 Nov 2022 20:34:05 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 29622
x-amz-server-side-encryption: AES256
ETag: W/"ed70c713adb9b703a7bd3db8cae895d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: sDx7sCWSoUSJXd8wiS22_bVaqVXVVn40BBL4zE-HfFAqk8FixNR8uA==

GET
H2 200 pdp.gif
www.newsobserver.com/no-bziylos/ 42 B
445 B 426ms
426ms Image
image/gif 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/no-bziylos/pdp.gif?z=eyJpZCI6Im1pX3RpX25hb19jYThiNTU4YS00MDdjLTQ3MDktOGFhYi05MGZjYjZlZjY0OWNfMTY4MTczNjc5OTM3NF8xNjgxNzM2Nzk4ODQ2Iiwiem9uZSI6MTR9
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 422069
server-timing: ak_p; desc="467149_1490933439_889523645_39165_8166_13_0";dur=1
content-length: 42
last-modified: Wed, 12 Apr 2023 12:10:27 GMT
server: MI
etag: "2a-5f9227e5112c0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 73664423 934860856
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 559 KB
156 KB 74ms
19ms Script
application/x-javascript 2.19.229.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.newsobserver.com
URL: blob:https://www.newsobserver.com/e61163f0-e932-458e-8ca6-21521e789071
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.229.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-35.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b97bd40ed81da00659daeff4bc998c4e1c28e4d54b63c4f22caa982dafbc0458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 13:06:39 GMT
Content-Encoding: gzip
x-amz-request-id: C2A13T3RF9WXGXV0
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: INnJp4mKlWW3OackWg3MQ5ndct+aFdCQsQWfx6xuTzdzHM9jidrUpgtWWUhx9wNdtgm70Mnn1gw=
Last-Modified: Thu, 13 Apr 2023 16:39:39 GMT
Server: AmazonS3
ETag: "6ad67918ea443c2cc0d1967f130562d8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

POST
H2 200 collect
logging.pw.adn.cloud/ 0
0 200ms
150ms Fetch
application/json 2606:4700::6812:161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.pw.adn.cloud/collect
Requested by: Host: tags.pw.adn.cloud
URL: https://tags.pw.adn.cloud/2NYPOH/activation_tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame D802 9 KB
4 KB 185ms
184ms XHR
application/x-protobuf 172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=257620&cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49079d1073f8e4b2601cc764094234110a048b6fb0428ea51af0e1cc887278fc

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7b94e2f4a97a366c-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 b
sb.scorecardresearch.com/ Frame EEAE 0
226 B 11ms
11ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1681736799473&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c9=https%3A%2F%2Fwww.newsobserver.com%2F
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: xKCwTv1d2PP1MvJnAuRHXS1VXH1dlKbqYT7JYkKjo5Jp5wn-syqm4g==
x-cache: Miss from cloudfront

GET
H2 200 impl.20230416-24-RELEASE.js Show response
cdn.taboola.com/libtrc/ 755 KB
157 KB 13ms
13ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230416-24-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mcclatchyinteractive-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2cb6d2a2ff72a6d2b5de903c7458f14b79b6a293797ae1807efa472cd18605a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id: KYxVcDSh4XyLczD84O442E1gTdfphgpp
content-encoding: br
via: 1.1 varnish
date: Mon, 17 Apr 2023 13:06:39 GMT
x-amz-request-id: C16XJ4GRFHKJSNBH
age: 23339
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 160660
x-amz-id-2: IiBu01+AmN/sxDLhTnoUdtyAV1TuO8l5dQNu3TfJYFrmswfpSSHY40NpAwcdn1p5imqdzY6LFrjmJ/nY5j2gyg==
x-served-by: cache-fra-eddf8230103-FRA
last-modified: Sun, 16 Apr 2023 14:20:42 GMT
server: AmazonS3-br
x-timer: S1681736800.500406,VS0,VE0
etag: "cf887d52a82403ce05abc223fbb26c41"
vary: Accept-Encoding
content-type: application/javascript
abp: 86
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 77590

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 11ms
11ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mcclatchyinteractive-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 07:32:55 GMT
content-encoding: gzip
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 62649
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: zywBKNUu_ah5V3kOEh2z15cbFAsglJ38pmg8LHL0lgIFzfT8db9DwA==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 155ms
31ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1681736799515&plid=79221775&idsite=newsobserver.com&url=https%3A%2F%2Fwww.newsobserver.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.newsobserver.com%2F&sref=&sts=1681736799512&slts=0&title=Raleigh+NC+News%2C+Sports+%26+Politics+%7C+Raleigh+News+%26+Observer&date=Mon+Apr+17+2023+13%3A06%3A39+GMT%2B0000+(GMT)&action=pageview&pvid=42095459&u=pid%3Da012fce920077ef2a1fcb178c4dee0af
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 13:06:39 GMT
Cache-Control: no-cache
Last-Modified: Monday, 17-Apr-2023 13:06:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 runtime_ed54d7cacf42ca7551642baa572e3495.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 2 KB
1 KB 56ms
10ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_ed54d7cacf42ca7551642baa572e3495.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3581/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 70ca695827ee799ccb27df51756e9391870e9abd2ce148c269070152e300e248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 11:25:12 GMT
content-encoding: br
age: 6087
x-guploader-uploadid: ADPycdswrRZPDSXYDuLcLq74xL_5oGDGEYDfP93tLasCMxbIE_HfnZt3d7ODPslfL3YLZW9oSwEjTFBGmAB3BFg2h-1e
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
last-modified: Wed, 12 Apr 2023 17:59:47 GMT
server: UploadServer
etag: "6b390255ab99a0cfade03457a44da3e1"
x-goog-generation: 1681322387171695
x-goog-hash: crc32c=uPCEAw==, md5=azkCVauZoM+t4DRXpE2j4Q==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 672
accept-ranges: bytes
content-type: text/javascript

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 13ms
13ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1681736799523&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.newsobserver.com%2F&c8=Raleigh%20NC%20News%2C%20Sports%20%26%20Politics%20%7C%20Raleigh%20News%20%26%20Observer&c9=
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: p1T7m6ixDu0SoKwNkUIwRsUsGqIMdSTN6CzD6zIA6ZzEqCDqUSPcdw==
x-cache: Miss from cloudfront

POST
H2 200 pixel_1b9bd4c Show response
www.newsobserver.com/akam/13/ 0
832 B 32ms
31ms XHR
text/html 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsobserver.com/akam/13/pixel_1b9bd4c
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/akam/13/1b9bd4c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 13:06:39 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
server-timing: ak_p; desc="467149_1490933439_889523811_712_4297_17_0";dur=1
access-control-allow-headers: *
content-length: 0
expires: Mon, 17 Apr 2023 13:06:39 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 52ms
14ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230416-24-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 358052
expires: 60

GET
H2 200 json Show response
trc.taboola.com/mcclatchyinteractive-thenewsandobserver/trc/3/ 3 KB
2 KB 90ms
72ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/mcclatchyinteractive-thenewsandobserver/trc/3/json?tim=13%3A06%3A39.572&lti=deflated&data=%7B%22id%22%3A786%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1681713975464%2C%22vi%22%3A1681736799566%2C%22cv%22%3A%2220230416-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.newsobserver.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.newsobserver.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7691%2C%22nsid%22%3A%22mcclatchyinteractive-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dmcclatchyinteractive-network%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Thumbnail%201%22%2C%22orig_uip%22%3A%22Homepage%20Thumbnail%201%22%2C%22cd%22%3A1051.0625%2C%22mw%22%3A760%7D%5D%2C%22ex%22%3A%5B%22%2Fentertainment%2Ftv-movies%2Fwarm-tv-blog%2Farticle264559961.html%22%2C%22%2Fentertainment%2Ftv-movies%2Fwarm-tv-blog%2Farticle264662949.html%22%2C%22%2Fentertainment%2Ftv-movies%2Fwarm-tv-blog%2Farticle264636764.html%22%2C%22%2Fnews%2Fstate%2Fnorth-carolina%2Farticle274327460.html%22%2C%22%2Fraleigh-city-guides%2Fthings-to-do%2Farticle274027040.html%22%2C%22%2Fnews%2Fstate%2Fnorth-carolina%2Farticle274391760.html%22%2C%22%2Fliving%2Ffood-drink%2Farticle273918600.html%22%2C%22%2Fnews%2Flocal%2Fcrime%2Farticle274393035.html%22%2C%22%2Fnews%2Fbusiness%2Farticle274169375.html%22%2C%22%2Fopinion%2Farticle274323765.html%22%2C%22%2Fnews%2Fpolitics-government%2Farticle274331395.html%22%2C%22%2Fsports%2Fspt-columns-blogs%2Fluke-decock%2Farticle274333800.html%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHomepage%20Thumbnail%201%3Dthumbnails-a%3Apub%3Dmcclatchyinteractive-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230416-24-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc31b808ee36a231212d97a273a49689772a6d62fb6d6d2140a6eeaf402b1cb9

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 57
date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220024-HHN
server: nginx
x-timer: S1681736800.599860,VS0,VE57
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.newsobserver.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
BLOB 200
OK dd90e085-3bb2-4252-89b5-64ed2381383a Show response
https://www.newsobserver.com/ 368 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newsobserver.com/dd90e085-3bb2-4252-89b5-64ed2381383a
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/no-bziylos/newsobservercore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8d296fe5e8b17ac20d83e027dc8eb8a594cd0c2336bf38bce7573c2929dbab4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Length: 368
Content-Type: [object object]

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/mcclatchyinteractive-thenewsandobserver/log/3/ 0
251 B 80ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/mcclatchyinteractive-thenewsandobserver/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230416-24-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.newsobserver.com
pragma: no-cache
date: Mon, 17 Apr 2023 13:06:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 pdp.gif
www.newsobserver.com/no-bziylos/ 42 B
450 B 175ms
175ms Image
image/gif 104.85.251.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newsobserver.com/no-bziylos/pdp.gif?i=eyJpZCI6Im1pX3RpX25hb19jYThiNTU4YS00MDdjLTQ3MDktOGFhYi05MGZjYjZlZjY0OWNfMTY4MTczNjc5OTM3NF8xNjgxNzM2Nzk4ODQ2IiwiY291bnQiOjEsIm5hbWUiOiJ0aHAgaW1wcmVzc2lvbiJ9
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.251.10 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-251-10.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 422067
server-timing: ak_p; desc="467149_1490933439_889523965_14913_8480_12_0";dur=1
content-length: 42
last-modified: Wed, 12 Apr 2023 12:10:27 GMT
server: MI
etag: "2a-5f9227e5112c0"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 779779488, 2143728 1966090
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=197992
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET i
www.i.matheranalytics.com/ Frame C806 0
0

GET
H/1.1 200
OK fc-li.js Show response
tags.fullcontact.com/anon/ Frame 219B 17 KB
7 KB 10ms
10ms Script
application/javascript 99.86.4.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fc-li.js
Requested by: Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1798f00809f57a10e52dd47948ceabfb7a5d6166ee026f06c885ec67076d4ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 02:28:27 GMT
Content-Encoding: br
Via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
Last-Modified: Wed, 02 Nov 2022 20:34:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 38293
x-amz-server-side-encryption: AES256
ETag: W/"d8ccf84ad80ea623b93d63e307d96a7e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: DRYpzfQM7lVVMckkSYOPAQ0LXx0wu9yNMmTVpYsC1Z9tEiKFg_x2Dg==

GET
H2 200 main-v2_b9d147143bb8c51208a77141889ee503.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 383 KB
75 KB 10ms
10ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_b9d147143bb8c51208a77141889ee503.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3581/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 74737067d32db8d46fc69f7f33a99fc3d04deacb1503c2d79ebdf46143b5ab12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 16:59:01 GMT
content-encoding: br
age: 72458
x-guploader-uploadid: ADPycdvs-y51bg8h2q8ei5h1cHQHKgsmjGXK8FOtzsi_5AKYhXpLr67UKX61iHnyVTMCG9YiV4-WRalnbrPCT3O26IZU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76818
last-modified: Wed, 12 Apr 2023 17:59:30 GMT
server: UploadServer
etag: "f533e51a4f2623438e90e89cc4ae7fcb"
x-goog-generation: 1681322370487293
x-goog-hash: crc32c=Hy5R3Q==, md5=9TPlGk8mI0OOkOicxK5/yw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 76818
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 cjs_min_24671f84c10903890805106089f4e82c.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 47 KB
15 KB 22ms
22ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_24671f84c10903890805106089f4e82c.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3581/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 52f0d802424f3a68e6aea8863702f78ef41f33243e764446700f7045b47be552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 14:22:54 GMT
content-encoding: gzip
age: 81825
x-guploader-uploadid: ADPycdsDSHh16tFdZwUJ8HzJRHxVymbkawFDykZha-8-Bqi6mVLeJteLoX4dmSXF0dKWtbKXT2Yz_b6mbkfPr6aqbHzZ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15251
last-modified: Wed, 15 Mar 2023 15:49:10 GMT
server: UploadServer
etag: "822e57d25679cd0aa96f6bf13ce0bddb"
x-goog-generation: 1678895350318335
x-goog-hash: crc32c=Hbew+g==, md5=gi5X0lZ5zQqpb2vxPOC92w==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=3600,no-transform
x-goog-stored-content-length: 15251
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

POST
H2 200 v2ntunWE1xsFMIShB8l81iX7uInZbvueaftx2Zq2Ay7QlaIPjRg5QzQUAIbYDWzG-6BrSOUS- Show response
scissorsstatement.com/ 206 B
722 B 101ms
57ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/v2ntunWE1xsFMIShB8l81iX7uInZbvueaftx2Zq2Ay7QlaIPjRg5QzQUAIbYDWzG-6BrSOUS-

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

9f393166a853c79004ebef12e520a49b4221612389d6aeed23956183b9417ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Mon, 17 Apr 2023 13:06:39 GMT
via: 1.1 google
x-buildnumber: 832971200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
x-hostname: fen-hoothoot-europe-west1-b8mh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Mon, 17 Apr 2023 13:06:38 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 152ms
37ms Script
text/javascript 3.248.88.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.newsobserver.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.88.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-88-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 7558e7e9054266a96f0562478d08af1656963b7076ef89e561f45cc0f8a9d148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 742
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 274 Show response
i086.newsobserver.com/DG/DEFAULT/rest/rpc/ 22 KB
5 KB 283ms
282ms XHR
application/json 2600:9000:223e:3600:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i086.newsobserver.com/DG/DEFAULT/rest/rpc/274?referer=https%3A%2F%2Fwww.newsobserver.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-04-17T13%3A06%3A39%2B00%3A00&ts=1681736799684

Requested by

Host: i086.newsobserver.com
URL: https://i086.newsobserver.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:3600:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

a32b602f3bac01ae978dbea1f4569b56a8905a3caea90667cb5661361dcde57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 3759
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: BMSvgZrFxgjTBcwmiumzRTplst7jBgxezbUpw0jszKcZ-Gubzrmr8w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET insights.bin
ins.connatix.com/3c29f740-90f7-442f-ae9f-4d80b1dbf581/5/ Frame D802 0
0

POST /
pl.connatix.com/ Frame D802 0
0

GET insights.bin
ins.connatix.com/1f008a71-0bb9-427a-9987-21a8c297d93e/3/ Frame D802 0
0

GET blockedDomains_6.bin
lit.connatix.com/08d7c5ed-194d-4552-8a9b-750201d79e22/ Frame D802 0
0

GET
H2 200 wps-custom-js.js Show response
assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/ 1 KB
871 B 48ms
27ms Script
application/x-javascript 172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/wps-custom-js.js
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fba77aa733c49e480958aa2de564f8fac93c88f092d3c8f288a2e1d33aa59014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Feb 2023 17:54:25 GMT
server: cloudflare
etag: W/"21fb96e555a9803c998521ed721d0b5f"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
vary: Origin, Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7b94e2f66c3e366c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 Apr 2024 13:06:39 GMT

GET
H2 200 wps-custom-css.css
assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/ 210 B
314 B 45ms
24ms Stylesheet
text/css 172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.connatix.com/Elements/b7b148f8-e199-4447-8167-58d897dd5768/wps-custom-css.css
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7ad52f6852de9481a13b90a5fe61d694f8403bf3154547b8f0b07a44686973d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 17:02:09 GMT
server: cloudflare
etag: W/"02e4633b767f1fbff5c21b6ce2b99233"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7b94e2f66c3d366c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 Apr 2024 13:06:39 GMT

POST sr
capi.connatix.com/tr/ Frame D802 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 173ms
96ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1ffe5d7e-eb53-11e9-b4d2-06948452ae1a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb78a1c48c930a8e0271a46a97975a6af2fa2d5ea9202f8ed763dd5a78f566d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25681
x-xss-protection: 0
server: cafe
etag: 475 / 19464 / 31073792 / config-hash: 8389153620050288265
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 17 Apr 2023 13:06:39 GMT

GET 3_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/26c66984-3bf5-4a09-a7f9-94e226218623/ Frame D802 0
0

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D802 0
0

GET elements.ui.b5b880a7c49b61bad744.js
cds.connatix.com/p/257620/ Frame D802 0
0

GET 5_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/b546e3ed-c1cc-40e1-bda4-a4b3af830410/ Frame D802 0
0

GET 10_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/dc72a934-29f5-4f72-9352-4a506584b790/ Frame D802 0
0

GET 5_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/386600f4-c71c-43bb-a5c6-3dd02e492ac5/ Frame D802 0
0

GET 5_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/3c29f740-90f7-442f-ae9f-4d80b1dbf581/ Frame D802 0
0

GET 8_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/31425c30-bc0d-4237-b2e4-53bca00f75e2/ Frame D802 0
0

GET 8_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/83be719a-9905-4990-ad13-963904905339/ Frame D802 0
0

GET 5_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/b52f2e9e-07e3-402c-9b00-aacb13a40990/ Frame D802 0
0

GET 3_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/1f008a71-0bb9-427a-9987-21a8c297d93e/ Frame D802 0
0

GET 5_media.bin
vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/cc3248b5-262f-4fbf-bf45-51004d067bfb/ Frame D802 0
0

GET
H2 200 json Show response
hp.taboola.com/mcclatchyinteractive-thenewsandobserver/trc/3/ 6 KB
3 KB 322ms
316ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://hp.taboola.com/mcclatchyinteractive-thenewsandobserver/trc/3/json?tim=13%3A06%3A39.797&lti=deflated&data=%7B%22id%22%3A932%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_ee9de3c90eea80620a1862d56108cb77_47dbe4dd-9303-427d-a5b8-3b473466d5fc-tuctb36c9df_1681736799_1681736799_CIi3jgYQoNlWGM6qzPr4MCABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABop8yVw4ODr5VFcAA%22%2C%22ui%22%3A%2247dbe4dd-9303-427d-a5b8-3b473466d5fc-tuctb36c9df%22%2C%22uifp%22%3A%2247dbe4dd-9303-427d-a5b8-3b473466d5fc-tuctb36c9df%22%2C%22lbt%22%3A1681713975464%2C%22vi%22%3A1681736799566%2C%22cv%22%3A%2220230416-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.newsobserver.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.newsobserver.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.newsobserver.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7760%2C%22nsid%22%3A%22mcclatchyinteractive-network%22%2C%22ad%22%3A%7B%22hp4uGetRegions%22%3Atrue%7D%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dmcclatchyinteractive-network%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20Latest%22%2C%22orig_uip%22%3A%22HP%20Latest%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dmcclatchyinteractive-network%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20Local%22%2C%22orig_uip%22%3A%22HP%20Local%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22ex%22%3A%5B%22%2Fentertainment%2Ftv-movies%2Fwarm-tv-blog%2Farticle264559961.html%22%2C%22%2Fentertainment%2Ftv-movies%2Fwarm-tv-blog%2Farticle264662949.html%22%2C%22%2Fentertainment%2Ftv-movies%2Fwarm-tv-blog%2Farticle264636764.html%22%2C%22%2Fnews%2Fstate%2Fnorth-carolina%2Farticle274327460.html%22%2C%22%2Fraleigh-city-guides%2Fthings-to-do%2Farticle274027040.html%22%2C%22%2Fnews%2Fstate%2Fnorth-carolina%2Farticle274391760.html%22%2C%22%2Fliving%2Ffood-drink%2Farticle273918600.html%22%2C%22%2Fnews%2Flocal%2Fcrime%2Farticle274393035.html%22%2C%22%2Fnews%2Fbusiness%2Farticle274169375.html%22%2C%22%2Fopinion%2Farticle274323765.html%22%2C%22%2Fnews%2Fpolitics-government%2Farticle274331395.html%22%2C%22%2Fsports%2Fspt-columns-blogs%2Fluke-decock%2Farticle274333800.html%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20Latest%3Dorganic-hp-swap-mode%3Apub%3Dmcclatchyinteractive-network%3Aabp%3D0%2C%2CHP%20Local%3Dorganic-hp-swap-mode%3Apub%3Dmcclatchyinteractive-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22trcDomain%22%3A%22hp.taboola.com%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230416-24-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c15897598763a6e9bfba326ea2b191fb9155fe700338f7c60110ed252a70ef6e

Request headers

Referer: https://www.newsobserver.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 304
date: Mon, 17 Apr 2023 13:06:40 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220024-HHN
server: nginx
x-timer: S1681736800.804712,VS0,VE304
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.newsobserver.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 abtests
trc.taboola.com/mcclatchyinteractive-thenewsandobserver/log/3/ 0
87 B 20ms
19ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/mcclatchyinteractive-thenewsandobserver/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-dupChecker%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1681736799798%7D&tim=13%3A06%3A39.798&id=5378&llvl=2&ri=b5f46fd0427fd4376e053a0f0adcf319&sd=v2_ee9de3c90eea80620a1862d56108cb77_47dbe4dd-9303-427d-a5b8-3b473466d5fc-tuctb36c9df_1681736799_1681736799_CIi3jgYQoNlWGM6qzPr4MCABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABop8yVw4ODr5VFcAA&ui=47dbe4dd-9303-427d-a5b8-3b473466d5fc-tuctb36c9df&pi=/&pt=home&vi=1681736799566&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230416-24-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 17 Apr 2023 13:06:39 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220024-HHN
server: nginx
x-timer: S1681736800.803926,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.newsobserver.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 abtests
trc.taboola.com/mcclatchyinteractive-thenewsandobserver/log/3/ 0
56 B 20ms
19ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/mcclatchyinteractive-thenewsandobserver/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-ct%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1681736799800%7D&tim=13%3A06%3A39.800&id=1934&llvl=2&ri=b5f46fd0427fd4376e053a0f0adcf319&sd=v2_ee9de3c90eea80620a1862d56108cb77_47dbe4dd-9303-427d-a5b8-3b473466d5fc-tuctb36c9df_1681736799_1681736799_CIi3jgYQoNlWGM6qzPr4MCABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABop8yVw4ODr5VFcAA&ui=47dbe4dd-9303-427d-a5b8-3b473466d5fc-tuctb36c9df&pi=/&pt=home&vi=1681736799566&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230416-24-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 17 Apr 2023 13:06:39 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220024-HHN
server: nginx
x-timer: S1681736800.804678,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.newsobserver.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 abtests
trc.taboola.com/mcclatchyinteractive-thenewsandobserver/log/3/ 0
60 B 20ms
20ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/mcclatchyinteractive-thenewsandobserver/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1681736799801%7D&tim=13%3A06%3A39.801&id=789&llvl=2&ri=b5f46fd0427fd4376e053a0f0adcf319&sd=v2_ee9de3c90eea80620a1862d56108cb77_47dbe4dd-9303-427d-a5b8-3b473466d5fc-tuctb36c9df_1681736799_1681736799_CIi3jgYQoNlWGM6qzPr4MCABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABop8yVw4ODr5VFcAA&ui=47dbe4dd-9303-427d-a5b8-3b473466d5fc-tuctb36c9df&pi=/&pt=home&vi=1681736799566&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230416-24-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Mon, 17 Apr 2023 13:06:39 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220024-HHN
server: nginx
x-timer: S1681736800.804699,VS0,VE10
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.newsobserver.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/mcclatchyinteractive-thenewsandobserver/log/2/ 0
89 B 18ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/mcclatchyinteractive-thenewsandobserver/log/2/debug?tim=13%3A06%3A39.784&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbnails-a&llvl=2&id=7459&cv=20230416-24-RELEASE&lt=deflated&pct=1
Requested by: Host: www.newsobserver.com
URL: https://www.newsobserver.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.newsobserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12829

POST /
pl.connatix.com/ Frame D802 0
0

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/mcclatchyinteractive-thenewsandobserver/log/3/ 0
250 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/mcclatchyinteractive-thenewsandobserver/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230416-24-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.newsobserver.com
pragma: no-cache
date: Mon, 17 Apr 2023 13:06:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 200 v2gotCkBdnk5WmBwCUZAfq9sWByshebVQdZeznapAKbV8OgvlVccluTLwbG19aZqZv9SOfKW5 Show response
scissorsstatement.com/ 3 B
73 B 21ms
19ms Fetch
application/json 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scissorsstatement.com/v2gotCkBdnk5WmBwCUZAfq9sWByshebVQdZeznapAKbV8OgvlVccluTLwbG19aZqZv9SOfKW5

Requested by

Host: flowerstreatment.com
URL: https://flowerstreatment.com/v2lqwcGNtbZcnoCw0vMa0Addz7MRoJ7ADWPuZlhvzzozF1IDD97kKhDk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Mon, 17 Apr 2023 13:06:39 GMT
via: 1.1 google
x-buildnumber: 832971200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsobserver.com
x-hostname: fen-hoothoot-europe-west1-b8mh
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 579ms
120ms XHR
application/json 34.98.88.136
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_24671f84c10903890805106089f4e82c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.88.136 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 136.88.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 26e394c8bd847b5e9c4649a41eb1936db4fce85fbf462beed2a9a3f131bd761a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 13:06:40 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 458ms
122ms XHR
application/json 34.117.121.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_24671f84c10903890805106089f4e82c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.121.15 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.121.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 0869744a5242249d78d150c4fa9496c32192f67745486c9681180d6a18fd0550

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 13:06:40 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 321ms
179ms XHR
application/json 35.201.121.164
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_24671f84c10903890805106089f4e82c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.121.164 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 164.121.201.35.bc.googleusercontent.com
Software: /
Resource Hash: a4b3ba70fe4d9dd147e3febf347153c54c0a756e1664c82b6d43046aa53d8d6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 13:06:40 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 31ms
31ms Image
image/gif 3.248.88.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=1800647&ntv_pl=1092952
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.88.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-88-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 13:06:39 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 30ms
30ms Image
image/gif 3.248.88.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092952&ntv_gdpr_consent=&ntv_it
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.88.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-88-116.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Apr 2023 13:06:39 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 204 debug
trc-events.taboola.com/mcclatchyinteractive-thenewsandobserver/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/mcclatchyinteractive-thenewsandobserver/log/2/debug?tim=13%3A06%3A40.123&type=error&msg=Error%20in%20TRC.handleLoadResponse%20%3A%20%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27getElementsByTagName%27)&llvl=2&id=2652&cv=20230416-24-RELEASE&lt=deflated&pct=1
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:40 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13192

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
204 B 251ms
121ms XHR
application/json 34.107.191.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=254118178&GCS2=YjdlNDY3OTQtNzc1Ny00MDhkLWE3Y2UtZTZlYjhjY2U2YTVmLmxvY2Fs&pe=false&wsid=3581&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3581%2C%22loadID%22%3A%22U5eE6HZk1EFMaUZ%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A39%2C%22IDStageStart%22%3A39%2C%22netComplete%22%3A174%2C%22obsReqview%22%3A363%2C%22obsReqpage%22%3A499%2C%22obsReqdata%22%3A620%2C%22IDStagePrefire%22%3A621%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_24671f84c10903890805106089f4e82c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.191.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.191.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: https://www.newsobserver.com
date: Mon, 17 Apr 2023 13:06:40 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 165ms
123ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=3581&warpspeed=2%5EHIykD&loadID=U5eE6HZk1EFMaUZ&version=1.5.9
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 13:06:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 124ms
44ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.i.matheranalytics.com
URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&hier=_HomePage&ptype=homepage&pubname=The%20News%20%26amp%3B%20Observer&sec=Homepage&tv=js-3.0.160&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=10&tvcfg=all&tid=f8d8dd42-2ace-4608-90ff-442f3a87a8ab&pid=18cfc2bb-754b-48a4-876a-1e2237dbc620&dtm=1681736799626&qnm=_matherq&visible=1&tabid=eabb3936-0e1c-4fba-a6c3-26ccca8661af&refr=https%3A%2F%2Fwww.newsobserver.com%2F&url=https%3A%2F%2Fwww.newsobserver.com%2F&vrefr=https%3A%2F%2Fwww.newsobserver.com%2F&vp=0x0&ds=0x0&tofa=1681736800&vid=1&lvidt=1681736800&duid=a30c288f-114e-487f-a182-b9486e742358&fp=3029393183&cid=ma12095&mrk=74930332&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY4MTczNjc5Njc5MSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNm1iIiwiaGVhcFQiOiIzMy4xbWIiLCJmc3RQYWludCI6IjIxNjkiLCJmZXRjaFMiOiI5NTMiLCJkb21haW5TIjoiOTU0IiwiZG9tYWluRSI6Ijk5MyIsImNvbm5TIjoiOTkzIiwiY29ubkUiOiIxMDgwIiwic3NsUyI6IjEwMDUiLCJyZXF1UyI6IjEwODAiLCJyZXNwUyI6IjE3NTAiLCJyZXNwRSI6IjE3NjEiLCJkb21Mb2FkIjoiMTc1MyIsImRvbUludGVyIjoiMjIwNCIsImRvbUxvYWRTIjoiMjIzMyIsImRvbUxvYWRFIjoiMjM1MSJ9fQ

Domain: ins.connatix.com
URL: https://ins.connatix.com/3c29f740-90f7-442f-ae9f-4d80b1dbf581/5/insights.bin

Domain: pl.connatix.com
URL: https://pl.connatix.com/

Domain: ins.connatix.com
URL: https://ins.connatix.com/1f008a71-0bb9-427a-9987-21a8c297d93e/3/insights.bin

Domain: lit.connatix.com
URL: https://lit.connatix.com/08d7c5ed-194d-4552-8a9b-750201d79e22/blockedDomains_6.bin

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/sr?v=257620&tier=1

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/26c66984-3bf5-4a09-a7f9-94e226218623/3_media.bin

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: cds.connatix.com
URL: https://cds.connatix.com/p/257620/elements.ui.b5b880a7c49b61bad744.js

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/b546e3ed-c1cc-40e1-bda4-a4b3af830410/5_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/dc72a934-29f5-4f72-9352-4a506584b790/10_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/386600f4-c71c-43bb-a5c6-3dd02e492ac5/5_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/3c29f740-90f7-442f-ae9f-4d80b1dbf581/5_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/31425c30-bc0d-4237-b2e4-53bca00f75e2/8_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/83be719a-9905-4990-ad13-963904905339/8_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/b52f2e9e-07e3-402c-9b00-aacb13a40990/5_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/1f008a71-0bb9-427a-9987-21a8c297d93e/3_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-ad49f143-0bec-4fe9-bac9-3cc8665caf2e/cc3248b5-262f-4fbf-bf45-51004d067bfb/5_media.bin

Domain: pl.connatix.com
URL: https://pl.connatix.com/

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i086.newsobserver.com/DG/DEFAULT	1970-01-20 11:08:57	Name: BCTempID Value: 38c5aa21-c557-408c-8a0c-0c7653b4984d
.newsobserver.com/	1970-01-20 11:09:03	Name: ak_bmsc Value: 5A3A092C360B94DC7DE8FCC88BFF2722~000000000000000000000000000000~YAAQv9bdWAaThWeHAQAANRVTjxMKZuPbB9PD5yZMHYBK4zjwDllvBcF4eGsoFoufE8Qu/hLoIb/A/O+jPpWiJCCpEAebsbIa9TgWASoB7subvH0gi863gzuZOzZCTWZ8lTX7BzWscYvhYcXr83bbCiUN3NRHTGDYq9qbMz/TLo6eiv3NYWflFI9d9SsPnSibt7bwWONJoLmdL2ifKiN1fTjNGuctPkt6Aqf75sCKPs/M7TQYdPvJk7Tjk87UztCPVfq4nbqO2fGsqgRAjJlBNac2QiCNcO3E0lIr49bBcdka5gPZ5DeFhsJmDrGMqZtIkCK+v+fm7tvy8P4+aK0F5VH3ZpnyElCUvf01nC6U4yLG4Z/KWHQaVNLHQx+PaftD9whpKjxTIXdb0/jWpXLiDzrIFqsu4Xe0n8lsR23yabCMpJyqrh0H17nnMpjUWibWSZtQodl3WvppGOWo2qL1aYXz5I1CWsM5Dh5Sr6k7XQCkXMK2kuC5LWM7gQ==
mcclatchy.blueconic.net/	1970-01-20 11:19:01	Name: AWSALBCORS Value: NQewKxD69I6Pr8HxblnzORR8eUOnSAD1BVWYSULiYv1ALEJaEAJKBQd9fKIIzy0LPEjb9rCSpqrxb+nNdmimPGeb+TBfDzOF1/pNGFjlUEyjmDChDdOWABBMsxsA
.postrelease.com/	1970-01-20 19:54:32	Name: opt_out Value: 1
i086.newsobserver.com/	1970-01-20 11:19:01	Name: AWSALB Value: ar+lF8DykQ8xSEyBC3V34yVCW/yDIeRI3T04/NpN58xZIMOtD02XG5jcSrPN2MwcJ+5iKtj7X5qYcAwH594rSeNSNzPfHzXOppjscBSqAAe7GHGS+lTIpFUcxEKK
i086.newsobserver.com/	1970-01-20 11:19:01	Name: AWSALBCORS Value: ar+lF8DykQ8xSEyBC3V34yVCW/yDIeRI3T04/NpN58xZIMOtD02XG5jcSrPN2MwcJ+5iKtj7X5qYcAwH594rSeNSNzPfHzXOppjscBSqAAe7GHGS+lTIpFUcxEKK

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.newsobserver.com/no-bziylos/quarantine.afca0552e181a40e169f.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.newsobserver.com/no-bziylos/quarantine.afca0552e181a40e169f.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.newsobserver.com/no-bziylos/quarantine.afca0552e181a40e169f.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.newsobserver.com/no-bziylos/quarantine.afca0552e181a40e169f.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lab.amplitude.com
api2.amplitude.com
assets.bounceexchange.com
assets.connatix.com
c2.taboola.com
capi.connatix.com
cd.connatix.com
cdn.parsely.com
cdn.taboola.com
cds.connatix.com
data.cdnbasket.net
e.cdnwidget.com
flowerstreatment.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hp.taboola.com
htlbid.com
i086.newsobserver.com
ids.cdnwidget.com
imasdk.googleapis.com
ins.connatix.com
jadserve.postrelease.com
js.matheranalytics.com
lit.connatix.com
logging.pw.adn.cloud
mcclatchy-next-apps-prod.s3.amazonaws.com
mcclatchy.blueconic.net
media.mcclatchy.com
newsobserver.com
p1.parsely.com
page.cdnbasket.net
pagead2.googlesyndication.com
pl.connatix.com
profile-api.amplitude.com
s.ntv.io
sb.scorecardresearch.com
scissorsstatement.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
tag.wknd.ai
tags.fullcontact.com
tags.pw.adn.cloud
trc-events.taboola.com
trc.taboola.com
vi.ml314.com
vid.connatix.com
view.cdnbasket.net
www.google.com
www.gstatic.com
www.heraldsun.com
www.i.matheranalytics.com
www.mcclatchy-partners.com
www.mcclatchy-wires.com
www.newsobserver.com
capi.connatix.com
cds.connatix.com
imasdk.googleapis.com
ins.connatix.com
lit.connatix.com
pl.connatix.com
vid.connatix.com
www.i.matheranalytics.com
104.85.251.10
107.178.250.234
13.32.121.37
13.32.27.47
141.226.228.48
151.101.1.44
151.101.129.44
151.101.194.132
166.108.36.245
172.64.154.204
2.19.229.35
2600:1901:0:7416::1
2600:1901:0:d733::1
2600:9000:2127:8800:8:48e:53c0:93a1
2600:9000:223e:3600:4:a557:4cc0:93a1
2606:4700::6812:161
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a02:2638:3::c
3.248.88.116
3.5.28.101
34.102.193.48
34.107.191.194
34.117.121.15
34.120.253.250
34.211.209.234
34.98.72.95
34.98.88.136
35.201.104.135
35.201.121.164
52.45.98.71
54.155.18.159
54.212.18.233
65.9.97.61
99.86.4.31
0023ead8fe6e4d37f8a0074c497a5e93c9a94c4dab8096920567775b364d55c0
0137d038d24a70183ea1467d7f3210a388e342535d4aef6ce0977a1a4a5a359b
02e1948e54c1b23b0d5e5a5ed4cdac9a923a50af0d6f0cc459201ec903ca76c1
03c5168b9326913b1e13b493a67a64a7fd5d153a25ec7a68ea5de5f13dae5722
04bef61df524e9ac313166ae273648bf6f613f25a3e57c63ab3e16fff0ea8dca
0869744a5242249d78d150c4fa9496c32192f67745486c9681180d6a18fd0550
08c8c947a68522e11e22d26cfa17354fa98089668530f6215849ced631a6aac3
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1d6eb9af0120fb32e723c9909b0595f2bdb6fa3676a749bd26dc76f02fd55667
1dc55e0f9a43bf2a2252433d23a6c7c7cf08fd9782877f6bef134032944781a8
1e01b46db25fb99dbf5890f92eb5c46329daf0d81fac40fa422e64a5149cc41a
1fbe966147fd95ebbe7fbe0112c0d94b831b6a831f9cb985e84886246f4a6388
20beaad16f5b9b79ed5f2901613a93c298fc05d0f0b587499c6848f62486d92c
242d81e3c511acf14d550a82a39ec7c847b2385ed71c1a1be7326701f961ea79
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
26e394c8bd847b5e9c4649a41eb1936db4fce85fbf462beed2a9a3f131bd761a
2713c7f23a5c9ecc5665c7d755c559d9be4104bf57fb273c1019511ddedd3588
292ca9e09a900cde3c17a06720d49db893fc24582958ff8ebad02b22b1a5cbcb
2949531ef55e92d583ce305b63584daeff14868ad3ba5dc2d0d9bc4904c914de
2ba392aec26b19018ccd66b2310db5d87f1e71b9d93174419d3d8db6387043a4
2cb6d2a2ff72a6d2b5de903c7458f14b79b6a293797ae1807efa472cd18605a7
2ff8dc4161b9a017745c29cdc9594fdff3e16b981f87664a6c3868bf4424ef3f
3081cd5942a29f59f16b662f9487cdb95dc4473722804097a0d697bd72fb1693
32929c5fa3c0615211044cc5a7837357059d972579032cd5617e55c0df73e726
3a69ddb7d7659bb1766e9b60a001742d8d6a4139add891495ec0876bba5b7bb5
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
49079d1073f8e4b2601cc764094234110a048b6fb0428ea51af0e1cc887278fc
49a2c294ac2b124f2ecfe293bd50961f4e1b7d73bb16b8ba3179de4af4bce249
4a168ac386a0db6c25726115bc365ddf398d9ce224d298713124d844c9f94406
4bb5f60ceb5016a06e5b4f79d8d1444d4c473fcc6915bd59f6d8c9fef1a9f0e7
4bc5c40c719fdc3bcf4b05cf341d262c15237c33140439bb1585f3228f8bfb8a
4d97412074c14efa6b9d69702dcac443ae93e9f091361903f5755af797d6533d
4e69c68f5c5b6c87b4b0437ddce158f64c43653e489a7f0731492243ea115ad7
52f0d802424f3a68e6aea8863702f78ef41f33243e764446700f7045b47be552
55b33a06e228728e062cd0d597eb8a52609d17e7230a60bbfecdb594480a4328
583365753b0cc7d65fa510a1d9bbe90bb50647ad28a11e45891f1e6d793dbcc0
592e800443163f8bd7186c066d8e53a29a35c06fd5b2bde3bb1b9b3cb022cffa
5c01ca88c3fb2e18378931dd13853095945845058ad9714dca2fad4664146d09
5f26b4f32d9bf2225fe85b430f2e566b5bd58feb48357f056098747da1407144
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab
6b4ebc1f151ddf543d53a392ed36684804df7991894c62f081baeb40bc9701ba
6e6ce075027f897a6f6cfe0ce6190ccff3a5197b189cc328a83e884e9e1383fe
70ca695827ee799ccb27df51756e9391870e9abd2ce148c269070152e300e248
71e24f43aec5bdab071ca314c95fa148c47a6345b2f17192d6f7c1e9daee0ae1
72b2317cd22724f82eaa32f4212d46963530bda433e8ffa7b13859127a4414c7
74737067d32db8d46fc69f7f33a99fc3d04deacb1503c2d79ebdf46143b5ab12
74b1c9d0e9a310c68a2437a307ddc5f8c58ab3dd1ef63299c2982961837abe5d
7558e7e9054266a96f0562478d08af1656963b7076ef89e561f45cc0f8a9d148
764df958623e81ae49b597536c4f788d01b6d7d5b6fa5933868a4fd691e379df
76c14b698a296a429bc47aaaeb6e4806934e09be0bf34375d7ece5ac1f532306
790fe5c18e56222c9f6da2eae2875d1b8d9e2283fa9a24ec4cc8294e886f05bd
798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903
7a73748e95d0cc8eaf4273f4a478f6f340e70a4d5aa1c36109a820717cfb655e
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
87057d218a6dcaa930f27abf863b80a30c2a4b12f89f072bd2d5904fc023f887
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8ad027b5063a7e692442a0ac1728160f7e6f8a2723e844235ed73527a9efbf2b
8b4bf46a7ee17fa868ac3a6ed47a74783271577c926748bcdbe6327921fca200
8defae8288a8c4bf7087a2f75db9f86f556aca4ca84b43170252d55e978ca832
8e6cf02b45fd93e64d2a3f7fb14f6f5f9e7856390ee7472de109dbd07dd78e7a
8f17450340f165bdd1bdbf40a96d4e18c98f90f5b76651ba7f9ca1ee421f0d09
8fb593e89d5b62a01be71b389a582abb6d3f2a2ac867baf6465cc144a99f0a4f
908077d113b03deb3a26f2f4bc601a1959cf1ee8c07b9c2cf82b52bcbb091d37
92becbbb8a47ec768cbc5158b4e28239578327b574072e683e92191ee1a3fc1c
962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7
96452c8ee01497a5e6503345fa017b1108180f46788f6168162a3c337420d747
987d5da0ab9202a9c0f62852a6939b618a0c3eb38db24e4d1afb947bbcd98bc7
98c487b9751731fd98bb870a62626fe184d8327cbafdf00349ad4f6fc34fead1
9a57f2e736aa6c732a41bccaa3688dee929153db4fa8995d2c56fdc7438d7d80
9af8abbfa30c640450f16d2b8aaa72ead3f0fef3082cccd4ea8b9c5756c18f38
9b3a87571539eef97e9c7f705f532fea1f37fd363f0b093edc82e69f5a433580
9bb2f1bbd174b9945bdbf13afc62fe0256adcf03d5a4ae7d05ac40f56a990d49
9c55c6cbc78b72675da89f7bcb675bfd71623cf622ae46b62d1b4ddbc3640f05
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
9edc05982381ab2889031e810fb25a7c87f5587307d4779bb9890cd36fe5189b
9f393166a853c79004ebef12e520a49b4221612389d6aeed23956183b9417ec9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
a1de21c9dad1e1459ec8a4538bf4ae5af953899ecd89301e880d14addadfc566
a32b602f3bac01ae978dbea1f4569b56a8905a3caea90667cb5661361dcde57a
a4b3ba70fe4d9dd147e3febf347153c54c0a756e1664c82b6d43046aa53d8d6a
a94af1c51b8380125d20e1038f7319616be7ffb52d4fe3732f4cdf367949442f
a9ceed07a4f2a68137f9c01a8450702246a2b70a3f392c27533a44134977affb
aa171daf12bb21cf4a1a99b654359fd1e0956d7e3394445a9b940bbc81112486
b0bc2d854c09f7f94305bbeaa5799f99a81d88687d832f603ff518615af8c125
b39aac6e708b01212d5d90f030c9418ad131c46ea6f845e46c1652de5ad3fe86
b3fade7f40077dbf91f4dafb3cb005a98b14eb081e557321e7a567cb794b35c6
b4e8a7b0c86a2399144c01217ce0302137c7833c0bd36de885db5e8afea9b02a
b97bd40ed81da00659daeff4bc998c4e1c28e4d54b63c4f22caa982dafbc0458
c15897598763a6e9bfba326ea2b191fb9155fe700338f7c60110ed252a70ef6e
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c8d296fe5e8b17ac20d83e027dc8eb8a594cd0c2336bf38bce7573c2929dbab4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbe1c99c5250bcc7a5bf21f38854bb77541ba605f39ed01e3b62d430838b1139
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd4f524d36b4f74a0442e7801800fdb7637258095f9cf4b9bd2529fca45e4f4
d06fa419eb1b5abed2803a1282dc4d7f9565e48e77277bcaac91209d7d392295
d10f564111b281963c5fb5366bf9a944c91d141643ea0e711f7a9803d49f1b2a
d1798f00809f57a10e52dd47948ceabfb7a5d6166ee026f06c885ec67076d4ee
d7ad52f6852de9481a13b90a5fe61d694f8403bf3154547b8f0b07a44686973d
dc32eababe2a5299e8a735ab3ec121f728e38bba46bee509723836a4564d1eca
de5c183c3f1addeea3bbb49120172a14b74a379ae0399065be93b35b02094201
e1864720d437de16319c804c40ef9560cef8c54b4bc86c8c08fa926a7ee286e9
e19721651ab51d473870ef17c5bff5896be07c47d555503bf09447ef314c53eb
e36940a2768b869ec60dad91310bb682ce30a85289f4f1bc4d6d0c34baf748c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42afa934c4337a24f413b58ed086424693c96b6bc93e0423fea89ee0ea8828e
e8cb4665ee266842152260947e23cf0d7183e7fc9a0d305cdd0a7b47b25166b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa61d94d56ad7f5958549b409634aee71dda4fe06594a358ca5c826c2f2c5b60
fba77aa733c49e480958aa2de564f8fac93c88f092d3c8f288a2e1d33aa59014
fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27
fc31b808ee36a231212d97a273a49689772a6d62fb6d6d2140a6eeaf402b1cb9
fdb78a1c48c930a8e0271a46a97975a6af2fa2d5ea9202f8ed763dd5a78f566d
fe8e8325cca37fc986268bab20aa134722a066dc93347d824b0f989b9a94e023

www.newsobserver.com Open in urlscan Pro 104.85.251.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

157 Requests

73 %HTTPS

29 %IPv6

32 Domains

55 Subdomains

38 IPs

5 Countries

3263 kBTransfer

7938 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newsobserver.com Open in urlscan Pro
104.85.251.10 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

73 %
HTTPS

29 %
IPv6

32
Domains

55
Subdomains

38
IPs

5
Countries

3263 kB
Transfer

7938 kB
Size

6
Cookies

157 HTTP transactions
2 data transactions