news24open.com Open in urlscan Pro
2606:4700:3032::ac43:a2ed Public Scan

Go To Rescan
Add Verdict Report

URL:
https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_so...
Submission: On August 01 via api (August 1st 2024, 5:14:36 am UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 20 domains to perform 91 HTTP transactions. The main IP is 2606:4700:3032::ac43:a2ed, located in United States and belongs to CLOUDFLARENET, US. The main domain is news24open.com.
TLS certificate: Issued by WE1 on June 11th 2024. Valid for: 3 months.

This is the only time news24open.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3032::ac43:a2ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	172.67.162.237 172.67.162.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.27.92 13.32.27.92	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:d8f::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.145.241.159 54.145.241.159	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1 2	107.178.250.234 107.178.250.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.203.121.133 34.203.121.133	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:266... 2600:9000:266e:e000:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:266... 2600:9000:266e:8600:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	104.18.20.97 104.18.20.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
1	2a02:26f0:480... 2a02:26f0:480:39a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	52.217.95.1 52.217.95.1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:5a00:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
1	34.206.22.44 34.206.22.44	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1 2	2.19.126.147 2.19.126.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ee3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.239.34.36 216.239.34.36	() ()
91	32

12 2606:4700:3032::ac43:a2ed (United States)

ASN13335 (CLOUDFLARENET, US)

news24open.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.67.162.237 (United States)

ASN13335 (CLOUDFLARENET, US)

news24open.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-92.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:d8f::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0217991d.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.145.241.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-241-159.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.121.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-121-133.compute-1.amazonaws.com

dallasmorningnews.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:266e:e000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:266e:8600:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.20.97 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:39a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fee6b4e221be1cf22c8b2751864ae829.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.95.1 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:5a00:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.22.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-22-44.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.126.147 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-147.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kd7qo2qccn7jgzvldg3q-pvl5fd-3f576875b-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec8 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ee3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaqjiathaajekqce3yajaaab5tkwgnx-pvl5fd-9557f0ada-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (None, )

ASN- ()

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	news24open.com news24open.com	1 MB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 fee6b4e221be1cf22c8b2751864ae829.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203	124 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 4106 kd7qo2qccn7jgzvldg3q-pvl5fd-3f576875b-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 4109 fiaqjiathaajekqce3yajaaab5tkwgnx-pvl5fd-9557f0ada-clienttons-s.akamaihd.net	1 KB
4	google.com ampcid.google.com — Cisco Umbrella Rank: 4317 region1.analytics.google.com — Cisco Umbrella Rank: 3773	438 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	179 KB
4	osano.com cmp.osano.com — Cisco Umbrella Rank: 7730	3 KB
4	matheranalytics.com 1 redirects www.i.matheranalytics.com — Cisco Umbrella Rank: 21098 js.matheranalytics.com — Cisco Umbrella Rank: 21635	44 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6716 ampcid.google.de — Cisco Umbrella Rank: 120381	430 B
2	chartbeat.com mab.chartbeat.com — Cisco Umbrella Rank: 3880 static.chartbeat.com — Cisco Umbrella Rank: 2461	16 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394	81 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2804	124 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	246 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 2168 c.go-mpulse.net — Cisco Umbrella Rank: 906	50 KB
1	akstat.io 0217991d.akstat.io — Cisco Umbrella Rank: 113261	225 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1859	201 B
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 15383	448 B
1	userstat.net userstat.net — Cisco Umbrella Rank: 232748	651 B
1	blueconic.net dallasmorningnews.blueconic.net — Cisco Umbrella Rank: 420781 Failed	726 B
1	htlbid.com htlbid.com — Cisco Umbrella Rank: 13237	1 KB
91	20

	Domain	Requested by
35	news24open.com	news24open.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net news24open.com pagead2.googlesyndication.com
4	www.google-analytics.com	news24open.com www.google-analytics.com
4	cmp.osano.com	news24open.com
3	tpc.googlesyndication.com	news24open.com
3	region1.analytics.google.com	www.googletagmanager.com
3	securepubads.g.doubleclick.net	news24open.com securepubads.g.doubleclick.net
2	c.amazon-adsystem.com	news24open.com c.amazon-adsystem.com
2	cdn.confiant-integrations.net	news24open.com
2	js.matheranalytics.com	1 redirects news24open.com
2	www.googletagmanager.com	news24open.com
2	www.i.matheranalytics.com	news24open.com
1	0217991d.akstat.io	s.go-mpulse.net
1	fiaqjiathaajekqce3yajaaab5tkwgnx-pvl5fd-9557f0ada-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kd7qo2qccn7jgzvldg3q-pvl5fd-3f576875b-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	ping.chartbeat.net	news24open.com
1	static.chartbeat.com	news24open.com
1	ams-pageview-public.s3.amazonaws.com	news24open.com
1	ampcid.google.de	www.google-analytics.com
1	fee6b4e221be1cf22c8b2751864ae829.safeframe.googlesyndication.com	news24open.com
1	userstat.net	news24open.com
1	www.google.de	news24open.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	c.go-mpulse.net	s.go-mpulse.net
1	mab.chartbeat.com	news24open.com
1	dallasmorningnews.blueconic.net	news24open.com
1	s.go-mpulse.net	news24open.com
1	htlbid.com	news24open.com
91	31

This site contains no links.

Subject Issuer	Validity	Valid
news24open.com WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
www.i.matheranalytics.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.blueconic.net Amazon RSA 2048 M02	`2024-05-08` - `2025-06-06`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
confiant-integrations.net WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.chartbeat.com GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-17` - `2025-08-18`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
userstat.net WE1	`2024-07-17` - `2024-10-15`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Frame ID: 1BF0A9F8644D0872B4228E9D99AAF6ED
Requests: 79 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 061E4FC25BA2E86E91E6CFDB083517F8
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: C532DADC258E2389FA676F3C933E09B8
Requests: 1 HTTP requests in this frame

Frame: https://fee6b4e221be1cf22c8b2751864ae829.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A1071D075EF9B8E25239AA2A7EC265AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssoD0D4MBwJfKCQ8GvD95712OTHK2c02UJF2JcwwbQW5M3KZ56LZyTDmQ6OKd-pBvsqqvn3pEw5wyBNjliVbdwlPxo5TrGGMu6F_z23c1mWInqS6Gtj6Gg84rkiR6aXyc1t0U-DEagCPeyJmgPYwSyxbSr_Qm1_TgpVMDAobXneaeg4nxI9RNMiVCaafmm0drFSTYX89ndzb6oftS_0XCTK5OHME5-lWUHRQzM5TQXR3D9dYD2Rgdbz6mMvtZIsqXJL1VlxRByeL4OVMlnZf3OPkrzUd1sc8OOZKiFrqmYz40SAXj7lOHHyqqgC-T8YJmkhj_1Ot-ktPnpjQqvVzMHWzSAwzQ1PVCyfjYugFpJ5fSIinOVzA9rdazMXph0Qpjs7lFrQC3w&sig=Cg0ArKJSzC9kUIDt2Q56EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 9BC941F4E1C09C2CB58617E4F9A11ABF
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4816C2D0FC51B1B639DF9E00BA3592CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kerre Woodham deja “El Noticiero” de Televisa

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

91
Requests

91 %
HTTPS

53 %
IPv6

20
Domains

31
Subdomains

32
IPs

5
Countries

1938 kB
Transfer

6639 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://js.matheranalytics.com/s/ma21466/72969414/ml.js?cb=1661 HTTP 301
https://js.matheranalytics.com/static/ltm/ma21466/72969414/12/ml.br.js

Request Chain 83

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pvl5fdm6b HTTP 302
https://kd7qo2qccn7jgzvldg3q-pvl5fd-3f576875b-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 84

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pvl5fdm6b HTTP 302
https://fiaqjiathaajekqce3yajaaab5tkwgnx-pvl5fd-9557f0ada-clienttons-s.akamaihd.net/eum/results.txt

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ksFHSHnn Show response
news24open.com/ 248 KB
48 KB 295ms
124ms Document
text/html 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1276539ffd96d382638d4658a98726f7dfdf533e014eb0f24f112de3559ca17b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ac35839dec89268-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 01 Aug 2024 05:14:26 GMT
expires: Thu, 01 Aug 2024 05:14:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDTMe4iQEHF1XotLFRe1CwzGE%2FvT5rmyADBxLf6d0leN%2FSG%2Bs5avx5IOOx6xcmhQMNR%2F94o03xPOD%2BbDVUrXA7k6Lqdro96nLuRMXCHy1r0kXbF2qHizb50WpwASkQX5QMbpt6FhgSB21%2BdFfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ml.br.js Show response
news24open.com/lander/white--2-/js/ 149 KB
50 KB 104ms
79ms Script
application/javascript 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/ml.br.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a22592e8eb3acfae27c26f4e51cc477c5ca8b8ff43bcf3a613ea8adcf4bf9486

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-25476"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwCpQCfxcA3l1m8q9L4dx1LUW4y3HA8UsUtTq8CPdaPKS20iwdot5Gni6T3qE1RlgDIYHa0vscjWKbKmIkEXvdpAtzljjir%2BrDMv5b60lf%2FGCZNpp2pp0ta08%2BY0R8btxpD9kfnTCQqhVdKpCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583b0f729268-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:26 GMT

GET
H2 200 gtm.js Show response
news24open.com/lander/white--2-/js/ 595 KB
141 KB 149ms
125ms Script
application/javascript 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/gtm.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 793ec1b6519d67820cbffc2057a0242fa63a1c35c7a38b478c5ef3c76beb9945

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-94c03"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvRJ9%2B%2BXUbbse3wVPd3%2FCmInoH9ud%2FGEt7iEGgElfGClixyy0qpo87GM8%2Fb1xKCu6FNNlQ7iMtj4kYBzTLLNLVKCPvGpgz9ZqgEOzauvXfuAFCchA2RCXIBnxdmm74hEqK7xpK7QEZvJFi766w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583b0f739268-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:26 GMT

GET
H3 200 react.js Show response
news24open.com/lander/white--2-/js/ 289 KB
92 KB 104ms
85ms Script
application/javascript 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/react.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd8e859af8655f7e96a6f5b5f71cc28152a677b8cea6108e3010aab8e485df07

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-485ad"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLqHyweCy76R76bLWlmNvDS5RVlM3b81aPxPLa63lsURCKZr6oBGzBq9Q0tYCjI6K9fJNHJ67TcNJ7YHsTjQPplNyaeAp2UB85gKyeSm%2B%2FeH3aWsIHfCo6hnzDAudRk7GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583f5cf2362a-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 light.js Show response
news24open.com/lander/white--2-/js/ 1 MB
340 KB 168ms
168ms Script
application/javascript 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/light.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e28dc3142795a309fb9e584a8f9c0e286ae946a50b4081d8f8ef1b4bedec8e7

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-130853"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcOLkRfezETqnATcuHYBf%2BzaweXGddgfDOeqaa6PtYhx0cYGin9GwanMzF5x1G4DFzlyzwBc29i3uQXNW8M0i%2FUyYqTof7zRPhX12UFoqRH%2BKRK%2FuKhixpJv5Fe%2FyusCaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583f9d35362a-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H2 200 osano.js Show response
news24open.com/lander/white--2-/js/ 206 KB
63 KB 154ms
130ms Script
application/javascript 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/osano.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f96a430ce1f78bdfb7501b0ff2e5ea71a0277502e465fdf1eda69060eda97a

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-338e0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4ODqx1wJoHOsYTj9kDJTmc%2FFunqAm5siz71hUm2XN%2F9Tx9G5IsvYdEj7eLOThMRtHUE%2BwNidLMdL6oKZe1BsXx79FmI1pBVJvpKkb4hA0nyiPwGX0HveY%2FLbR1CFRMxzIeZoHPl96mva%2FdnRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583b0f6c9268-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:26 GMT

GET
H2 200 htlbid.css
htlbid.com/v3/dallasnews.com/ 850 B
1 KB 252ms
57ms Stylesheet
text/css 13.32.27.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/dallasnews.com/htlbid.css
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 579ee4f14d0c55c0429e95d5328331e314c6c494b3000a6ae716ac15392a033a

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:13:27 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 14:03:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 59
x-amz-server-side-encryption: AES256
etag: "a32f2d89d000b3472d70d33f894ff365"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
content-length: 850
x-amz-cf-id: 12CX8YEojv2gprVj-GqSch8WIl8_yMDIfOwdYoN0njfhUsOM7xw8Qg==

GET
H2 200 htlbid.css
news24open.com/lander/white--2-/css/ 850 B
522 B 78ms
54ms Stylesheet
text/css 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/css/htlbid.css
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 579ee4f14d0c55c0429e95d5328331e314c6c494b3000a6ae716ac15392a033a

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-352"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfE21RV%2BGNBcczptTjrwsEvBs3xl1WJ6yGg5bQMxhCaUr9bgmZekk7RVVA1sTeSi5UkJAekK3ygRjs5GAHt%2Buw5NGn2x5g2V9XZlgod3WoGM2kG5P7JCkHHNZAqfI5C1KqiCuc6QjjCaKsQtZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583b0f6b9268-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:26 GMT

GET
H3 200 htlbid.js Show response
news24open.com/lander/white--2-/js/ 468 KB
133 KB 386ms
384ms Script
application/javascript 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/htlbid.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c5d0985737e311ccaafa2aa98c38958ac96f7766cd532c563f4350edae2514

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-75061"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6l8C%2FKySet7ozGdKcsHu7xsUuAleVWwaL3toIEqMz47v%2BEBFZYYN9aaTsQBGBeLBYMRydb%2B2J6rIyCFtXRHbfcuR6B15nG1ESgeBWJtlWbs5gHnNm6ZFywAILnvBYtUHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583f9d36362a-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H2 200 onload.js Show response
news24open.com/lander/white--2-/js/ 13 KB
5 KB 72ms
69ms Script
application/javascript 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/onload.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c83afd33e06c7a0b345273d10b4cdfd54fb82fd9941a57840740ed81202e3a9

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-3378"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iKzA1AtNYEPeCWbeGppZx2l08d4snADg7QBhh0qNMNVweWCwEHP29xwfsOCiwdx0Z6E2j9rI9M5zQAeBPnEq%2B6WHTRP4db83WybdWFW%2FoN1dWfc8%2FdYEtGtdnvYiHk2zl4fsxm%2FIQYyeBaq7Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583b0f6e9268-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:26 GMT

GET
H2 200 script.js Show response
news24open.com/lander/white--2-/js/ 135 KB
41 KB 129ms
127ms Script
application/javascript 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/script.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0026acc8c42b8e7f2b7cd7196df0fd5c4215e663b17f455694bd4d9abb2e1369

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-21bc0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1PHoRdLRM5QTkKQrCxs4fiuXvk2%2B%2FpfaaP4D3ga%2BPfJm1m2nYEAtT2ctTTs7bF8Qnsl%2BIoj3R7by7pPhYFlxKVFJi1ivVx%2BpYaUfNKIynX7Weq9q%2B5%2ByAypcBqShB9yZO2p78rTtT3vO8CgDHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583b0f6f9268-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:26 GMT

GET
H2 200 courier-ent.min.js Show response
news24open.com/lander/white--2-/js/ 4 KB
2 KB 130ms
128ms Script
application/javascript 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/courier-ent.min.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad7b33e22257bb3b53ee21f07253af2a36d8f4ffc39913b672b595b03a94ea8

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-115e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MgSF0%2FxXcpBPJGnjPbbi1HQ4Moka8IxrdbNMUwxuwu2iyt3fFkuq%2Bxv7nCV%2FlOqDLseNasmzGAkGSFhlb%2FH3TxrhCNLa2K%2FEBMROkNBg3InOKugUZBOQxGz3JMzZj1dnQor2H9f50LOOC1zLGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583b0f719268-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:26 GMT

GET
H2 200 style.css
news24open.com/lander/white--2-/css/ 227 KB
39 KB 93ms
92ms Stylesheet
text/css 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/css/style.css
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b21a5c684da2990ab5bc3376153839168a9b119a95b174a71759c926c9b1ce2

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-38bff"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYzkezuFzNb%2BQaolH6%2FTgCk38FbH%2BiXccG7XYkjn321XWRg4U2NjnTw6UjxBdd%2FtcTvC0punUALaellSI6jK1JkZjZRnq5%2BSS426cloJWfGhPo8CZfnvP8z0jwYza49Ys5nzV57sDU64Nhoa0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583b0f749268-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:26 GMT

GET
H2 404 Gotham-Book_Web-kern-latin.woff2
news24open.com/lander/white--2-/pf/resources/fonts/gotham/woff2/ 0
0 69ms
67ms Font
text/html 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/pf/resources/fonts/gotham/woff2/Gotham-Book_Web-kern-latin.woff2?d=650
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Origin: https://news24open.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=az9%2Bda5PfV576H%2F99rqtsX1s3pYbgntsiqykWphuG3ale%2Blc%2BoHVRkTZLzI2nh3oyPZtlfLFjiLuCa5Kw2OeJcwnoDrxo%2B0ZCQUBh5DrE6lsgbcV5mtXyRSU88SSZd7xR50iDdpo4hynXdo1IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8ac3583b0f759268-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 Gotham-Bold_Web-kern-latin.woff2
news24open.com/lander/white--2-/pf/resources/fonts/gotham/woff2/ 0
0 70ms
69ms Font
text/html 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/pf/resources/fonts/gotham/woff2/Gotham-Bold_Web-kern-latin.woff2?d=650
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Origin: https://news24open.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFfNvFVtG8IFjKeECvbf7Vhl4W5jin3IxqvTejMpOgOW1HXF6mtClv%2B%2F1aGfuPSi5NZnm0lvvD8q2bN9J5izW0Rpi%2FFJSsky4W6yts01uL7yUJGq9ORiGhJ5rSSw33pqRLQ8scN0AZGUarMeXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8ac3583b0f769268-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 chartbeat_mab.js Show response
news24open.com/lander/white--2-/js/ 24 KB
10 KB 476ms
476ms Script
application/javascript 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/chartbeat_mab.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-5f13"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DouvatROFLSA61YFjMB5lWpqu4kGzneyWutLiEASl6R0NQc6iFJX6whDF38qU95tkgKUV9g09ABHQxvZfydQOBuiZhbeMu38AkM%2BDPE32nAgc3EFECS4Dan8LZLkBUlULw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583f9d39362a-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H2 200 BSGJQ-G7REA-SZ6BB-4U6F2-E74CA Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 215ms
43ms Script
application/javascript 2a02:26f0:480:d8f::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/BSGJQ-G7REA-SZ6BB-4U6F2-E74CA
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:d8f::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Thu, 27 Jun 2024 23:15:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H3 200 wx_21.svg
news24open.com/lander/white--2-/images/ 2 KB
1 KB 82ms
82ms Image
image/svg+xml 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/wx_21.svg
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 319a4d261f8433591b683e3f488cdef2b6b7e738982606e6cbdff0bc96e1f808

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"664dd85a-7bb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FAL1dgmVZxmsiA2XcblFqiEz8kvpms0J%2FPiBW8qrJwaK63srobJvrOsi6dXDsAv92czB756YHFfdjXVER5Fyd722lpJAS%2B84haix9%2FhQPyIgIJEJnAdCE8jTBk1Zf5QZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ac3583f9d3a362a-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H2 404 EO4AJRLMAH4LVKXTQILAPFVQIM.jpg
news24open.com/lander/white--2-/ 548 B
548 B 148ms
147ms Image
text/html 2606:4700:3032::ac43:a2ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/EO4AJRLMAH4LVKXTQILAPFVQIM.jpg
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a2ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbP7CM6Suh8QUyz29XL0psnIiZMelJ7TCDpRa2MfDl1ek25T8kHTwjCDugHWQY96lIZ389O%2BX5P2fKrB0jirrKZQW76RcgX0FqgGz8E0bgPDWDcvbXKAxLysecwkyA4DjDR3SfzQTHjQkopl%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8ac3583b4f959268-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 819ms
150ms Image
image/gif 54.145.241.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&artid=NFGJQOT4T6GUKCBSZWFVDSQEGE&artpubt=1464062005&artupt=1562606711&auth=AGENCIA%20REFORMA&hier=espanol%7Cal-dia%7Cnoticias&ptype=article&sec=espanol&tv=js-3.0.162&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=de-DE&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=11&tvcfg=js&tid=b94bf560-4e70-4e26-b15f-67e970678d23&pid=6b1b6db5-a7b3-4b9a-860a-97ffa7c23385&dtm=1722489266656&qnm=_matherq&visible=1&tabid=4ea280ef-6043-41cb-9115-d83f2de61bd7&url=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&curl=https%3A%2F%2Fwww.dallasnews.com%2Fespanol%2Fal-dia%2Fnoticias%2F2016%2F05%2F24%2Fjoaquin-lopez-doriga-deja-el-noticiero-de-televisa%2F&vp=1600x1200&ds=1600x1200&tofa=1722489267&vid=1&lvidt=1722489267&duid=da11a6c3-39a8-48ed-8ef3-8a31f3bd75a6&fp=3277385531&cid=lander&mrk=white--2-&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTcyMjQ4OTI2NjAyNSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzLjI0MTc1bWIiLCJoZWFwVCI6IjQuNzg5MDg2bWIiLCJmZXRjaFMiOiIxIiwiZG9tYWluUyI6IjIzIiwiZG9tYWluRSI6IjIzIiwiY29ublMiOiIyMyIsImNvbm5FIjoiMTczIiwic3NsUyI6IjY4IiwicmVxdVMiOiIxNzMiLCJyZXNwUyI6IjI5NyIsInJlc3BFIjoiMzYxIiwiZG9tTG9hZCI6IjMxMSJ9LCJjYW1wYWlnbnMiOlt7InBhZ2VJZCI6IjZiMWI2ZGI1LWE3YjMtNGI5YS04NjBhLTk3ZmZhN2MyMzM4NSIsIm5hbWUiOiJ1dG1fY3JlYXRpdmUiLCJ2YWx1ZSI6IjUiLCJyZWZUaW1lIjoiMTcyMjQ4OTI2NyIsImNyZWF0ZVRpbWUiOiIxNzIyNDg5MjY3In0seyJwYWdlSWQiOiI2YjFiNmRiNS1hN2IzLTRiOWEtODYwYS05N2ZmYTdjMjMzODUiLCJuYW1lIjoidXRtX2NhbXBhaWduIiwidmFsdWUiOiJOWis0MC02NSsr4oCUK9Ca0L7Qv9C40Y8iLCJyZWZUaW1lIjoiMTcyMjQ4OTI2NyIsImNyZWF0ZVRpbWUiOiIxNzIyNDg5MjY3In0seyJwYWdlSWQiOiI2YjFiNmRiNS1hN2IzLTRiOWEtODYwYS05N2ZmYTdjMjMzODUiLCJuYW1lIjoidXRtX3NvdXJjZSIsInZhbHVlIjoiZmIiLCJyZWZUaW1lIjoiMTcyMjQ4OTI2NyIsImNyZWF0ZVRpbWUiOiIxNzIyNDg5MjY3In0seyJwYWdlSWQiOiI2YjFiNmRiNS1hN2IzLTRiOWEtODYwYS05N2ZmYTdjMjMzODUiLCJuYW1lIjoidXRtX3BsYWNlbWVudCIsInZhbHVlIjoiRmFjZWJvb2tfRGVza3RvcF9GZWVkIiwicmVmVGltZSI6IjE3MjI0ODkyNjciLCJjcmVhdGVUaW1lIjoiMTcyMjQ4OTI2NyJ9XSwiY2F0ZWdvcnkiOnsiY2F0ZWdvcmllcyI6W1siTm90aWNpYXMiXV19fQ
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.241.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-241-159.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 01 Aug 2024 05:14:27 GMT
Connection: keep-alive
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

POST 937
dallasmorningnews.blueconic.net/DG/DEFAULT/rest/rpc/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 614 KB
144 KB 237ms
97ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MXT3G5F

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1ced19fd0d79fe458138eef227db8b098b35770390a94a0b0095a5b2106967c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 146688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Aug 2024 05:14:27 GMT

GET
H3 200 Gotham-Bold_Web-kern-latin.woff2
news24open.com/lander/white--2-/fonts/ 10 KB
11 KB 147ms
146ms Font
font/woff2 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/fonts/Gotham-Bold_Web-kern-latin.woff2
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19ba9846381f2de19bff982ee4a7a4ad9289b87cb2f54ff87523fb6510ad3e98

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Origin: https://news24open.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-29ec"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4N9TT3Vxs%2BMbBnvkS%2BUEXB8OTAqz81oUcY9Ts9m5oN9lj3u4udiFOoxE%2BKAZsuZyw5PRzUY6h98NQVZWZbJVvKeYBzPrx6YNuUoKqliuYwE7GBokDEFhhV6bp3P6f%2BYqMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf8e362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10732
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 Gotham-Book_Web-kern-latin.woff2
news24open.com/lander/white--2-/fonts/ 11 KB
11 KB 148ms
148ms Font
font/woff2 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/fonts/Gotham-Book_Web-kern-latin.woff2
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c124b885ae4cdd4ebb106f3b87dd694494a3f3151b1bb541acc744ffe3bab3c4

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Origin: https://news24open.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-2b64"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URvHujhz7DC2zFOd%2BGsVjTCTWV53lhYghZUOpw991l26ac%2BXbmMuWGVDDe7dqhe7CKvPekb8AnNtE2skbSQaYLSgnZs%2B1EDAirW0D4bBoclTOwfxdE7PcbNnEWLuFw%2BFMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf91362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11108
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 27UPNBLZTKSMQBZCDXS6RNRXZ4.jpg
news24open.com/lander/white--2-/images/ 6 KB
6 KB 159ms
132ms Image
image/jpeg 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/27UPNBLZTKSMQBZCDXS6RNRXZ4.jpg
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2f10e0872d89e50abbf3588ba2048987ea8e1ee497afd7fa9eee9c70274135

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-1727"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LeytlptL4XCWqPqbJmrLoP0lTVYFXzdbsN0YlbXz%2FWRqoGPL2ZZaiID7N%2F%2Byw7587FmqJ5QFk4rIOtaeAsu0BCbHicoZPNk%2BKD4opWac01oWBcOhai5BC24TOeE19tUf1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf7e362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5927
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 DVB67T7MGVFGLBOHLO3GU2S3PE.png
news24open.com/lander/white--2-/images/ 6 KB
7 KB 160ms
134ms Image
image/png 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/DVB67T7MGVFGLBOHLO3GU2S3PE.png
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 258751aa13536e1fbb3256b102e84d1848b54481bb40bc323e547807624e1c48

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-18be"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pok5wC%2FQ2AnCP5KEU6RtLYApXKLqYj%2F7YkcBwQAUd2Xyk2lYCVtrnmkCLlvbFC%2B3I1u9MuYxHsNxcwKVwNEMWtfX2XMKsxv5NRakDiSCfOdunVVxGWajUiYFo1Wd6OmaGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf81362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6334
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 E4PQSC3PB5JNM6B4FL7TN37X5Q.jpg
news24open.com/lander/white--2-/images/ 5 KB
5 KB 162ms
135ms Image
image/jpeg 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/E4PQSC3PB5JNM6B4FL7TN37X5Q.jpg
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55515df4f1ebcfc3e854d571e7fda4cac4fea77be7038469eb142043c511cf30

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-1303"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iIehsKBnONfwe0Vswjm1iqdbU1I9XiQUS4zW17VT6aZZ7%2F2GipL1vKx0r2HJqYuilLwNqr1ouutzjjPVH7%2BhX2zA82udMx3IjB5R96R%2FLt0KHDPgu2j%2Beg%2BF55zSh2qh3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf82362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4867
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 RFZWYAFX6JFS5FCZUSY36ONJGI.jpg
news24open.com/lander/white--2-/images/ 4 KB
5 KB 163ms
136ms Image
image/jpeg 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/RFZWYAFX6JFS5FCZUSY36ONJGI.jpg
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15baefcf5a97a4aa502380191c153c89b99fdff92e709d6eb4b438a9133a1eb5

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-1127"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4M4K5iub0nrJpSjYU3r3%2FabTrfDGkziqVV65pqR1afDZzQuteuL1Hj2r0FZLqofhUyxpHYPUWWxk7Zr79wU52dFELglilmb2EATqxGDvLL6B3O%2FiWPJSa8wKrKlJ8fde4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf85362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4391
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 25IIFKM3XBECBPLYPURHP4VCCI.jpg
news24open.com/lander/white--2-/images/ 5 KB
5 KB 141ms
139ms Image
image/jpeg 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/25IIFKM3XBECBPLYPURHP4VCCI.jpg
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ffcc47413c7b4e562bb6d5f35073f12c3a54019feb1f691eeb32049dba3316b

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-127a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5uylYss4oxR4UKMD2pkQTxsMbzIzEX1fC%2BM2UpgIX91myqF%2Bu11LudBXQGS5o7nLxTTBshxXM7lb9Wwx%2B1CgiBB2wIoXKIAAiou3NavpeT%2F02tqNlUzswVxcTuuwuANLnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf86362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4730
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 WE7R6CNZSNCKNITC3IM4IHXGHI.JPG
news24open.com/lander/white--2-/images/ 5 KB
6 KB 141ms
139ms Image
image/jpeg 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/WE7R6CNZSNCKNITC3IM4IHXGHI.JPG
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79ae83d24ae04295e506c49f7e11098cb5b632fe7ea38691943cef97518187a6

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-14ee"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5G94pvA%2FpOrCxImN4CpbZCtWcyaYe7b53xE%2Fb69i3NtIA11OFgOmzXWZ1rxX6DB7rLkW28fY1QQ%2FZzceKPd7MUauzL9BSgZAhpJRVBXzb5Zz9q2SvUUvZuwYH5SOujNKMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf87362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5358
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 ULOBBOXBARBCBFOFAN2R7ARTWM.jpg
news24open.com/lander/white--2-/images/ 4 KB
5 KB 142ms
140ms Image
image/jpeg 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/ULOBBOXBARBCBFOFAN2R7ARTWM.jpg
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f1fecdab9f152b566470e7bf4d24ac6d6f42c71d106e89f36d4a1b08da05a4

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-10be"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gf6dkNorcSRII85gvdLgcC75i6YGhIOr8TIcIwzYE86b6A7WD0N7HFmOG%2FAHEc9deY0rfSbT4UAzQ97hXXlrpen82hBpatXMz64RHqYPwbVWOfMSpHjx2RLty4ciiVJGgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf88362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4286
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 CPJEYOSOUNHUZARATNRITRG47A.jpg
news24open.com/lander/white--2-/images/ 6 KB
6 KB 139ms
137ms Image
image/jpeg 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/CPJEYOSOUNHUZARATNRITRG47A.jpg
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94d2f1b2d7e7ce90be43d1b850a4b8aaaa736bc17af23dc82a5d7622d9c6c91d

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-1790"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38ZLkZBQZcGrTTchFcHJJ00w3ltCbMIWc4aapLGE0iltvffQE5FGYbLV8diraVBPoym1amiJvZ2aNzwRXfWxUPUiXMxMRTGKnKnd5d8oowVUihdmz521r%2FivcSzfEfIk%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf89362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6032
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 DLH4SHXZHNF6PC3KDXGG3QYP44.JPG
news24open.com/lander/white--2-/images/ 4 KB
4 KB 143ms
142ms Image
image/jpeg 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/DLH4SHXZHNF6PC3KDXGG3QYP44.JPG
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e5452ff0ae2c43b5264144c658f1647632a3d1d47f7f62d9e6161a16a702d5

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-f5e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QGxYytVojDLv%2BVFeM7WsFY1qa7t%2FzO%2FgMFNIjKU5czkoIZvbmQyhD50WVULlEQz5Vqz9D7dNyy9bSwdex15PaWJW8Vbr1Hfyc3AgcgKe%2BaUNXPaSnKD0IajU9TnAnZiSbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf8c362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3934
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
H3 200 CHGVCSPM3FTSIPCG7TUCFO6XNQ.jpg
news24open.com/lander/white--2-/images/ 7 KB
8 KB 146ms
145ms Image
image/jpeg 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news24open.com/lander/white--2-/images/CHGVCSPM3FTSIPCG7TUCFO6XNQ.jpg
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8e120d4014756b8d45064b40fb25e46ab4c0226daf69598801e0bbd8a92e50

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 22 May 2024 11:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "664dd85a-1cf1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QzK3G7%2B9DgjTnicYUutbbQlIp0SJn78jpeX9ygwqmo80Z4qUieK%2F9GEb3CChnLqmht7afmnyLFuSjAap9MRO3gHKHZL48QcBed%2FkTIIynVz93tg%2FK%2Bb5Fsep9vE0MoBNwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ac35841bf8d362a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7409
expires: Sun, 11 Aug 2024 05:14:27 GMT

GET
BLOB 200
OK 7cb9287a-9318-41a1-bc09-786088ee4761
https://news24open.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://news24open.com/7cb9287a-9318-41a1-bc09-786088ee4761
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 398be1957b04ff4b5cd8b2ab2c8c5d4cbbf6fe80494683275410f22b2563e116

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 404 Gotham-Bold_Web-hint-all.woff2
news24open.com/pf/resources/fonts/gotham/woff2/ 0
0 73ms
73ms Font
text/html 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/pf/resources/fonts/gotham/woff2/Gotham-Bold_Web-hint-all.woff2?d=650
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Origin: https://news24open.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgXfsyipvG1wGQ2hGCNZp6PoWLw%2BX2tpUUoDXOH8U%2FvHLFdukheElxTVIUfOjLlGKXeihfIEUGF2ildh7ZaCDE8Drz%2By7gBiAaMTx1hdACwPpzPjHTmyxyRv2TPShA1PZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8ac35843a972362a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 Gotham-Book_Web-hint-all.woff2
news24open.com/pf/resources/fonts/gotham/woff2/ 0
0 73ms
72ms Font
text/html 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/pf/resources/fonts/gotham/woff2/Gotham-Book_Web-hint-all.woff2?d=650
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Origin: https://news24open.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dt3OS8fXlCk12SUE2q8NaAeFrJ5eWxTsihHygULEF7QEw5gF29i%2BbCit3CZY4FLnijcc1dDhYAet995zLsbgu0Dys%2B%2FYphhh36dCzBMK%2FsR%2FERTG71urgMtXT1MK0c%2FQhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8ac35843a973362a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma21466/72969414/12/
Redirect Chain

https://js.matheranalytics.com/s/ma21466/72969414/ml.js?cb=1661
https://js.matheranalytics.com/static/ltm/ma21466/72969414/12/ml.br.js

150 KB
44 KB

163ms
58ms

Script
application/x-javascript

107.178.250.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma21466/72969414/12/ml.br.js
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 84c7ec379b6cab3941819a9d693bcfb74e197fd541956e739ab572fa2acacf1a

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 18:50:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 28 Jun 2024 18:36:51 GMT
server: nginx
age: 37444
etag: "7832d92f7acc3891aded2ec4e3b8ee23"
vary: Accept-Encoding
x-cache: HIT Fri, 28 Jun 2024 18:49:14 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44365

Redirect headers

date: Thu, 01 Aug 2024 05:14:27 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma21466/72969414/12/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-served-by: 7-gc-euwest1-xgfw1033

GET
H2 200 / Show response
dallasmorningnews.blueconic.net/DG/DEFAULT/rest/rpc/ 14 B
726 B 194ms
171ms Script
text/javascript 34.203.121.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dallasmorningnews.blueconic.net/DG/DEFAULT/rest/rpc/?requests=%5B%7B%22method%22%3A%22getProfile%22%2C%22params%22%3A%22null%22%2C%22id%22%3A%221722489267095%22%7D%2C%7B%22method%22%3A%22setProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22language%5C%22%3A%5B%5C%22de%5C%22%5D%2C%5C%22currentscreenwidth%5C%22%3A%5B1600%5D%2C%5C%22currentscreenheight%5C%22%3A%5B1200%5D%2C%5C%22currentresolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%2C%5C%22entrypage%5C%22%3A%5B%5C%22https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA%5C%22%5D%2C%5C%22current_utm_source%5C%22%3A%5B%5C%22fb%5C%22%5D%2C%5C%22current_utm_campaign%5C%22%3A%5B%5C%22NZ%2040-65%2B%20%E2%80%94%20%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F%5C%22%5D%2C%5C%22new_visit_bc%5C%22%3A%5B%5C%22true%5C%22%5D%2C%5C%22testgroup%5C%22%3A%5B2%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22language%5C%22%2C%5C%22currentscreenwidth%5C%22%2C%5C%22currentscreenheight%5C%22%2C%5C%22currentresolution%5C%22%2C%5C%22entrypage%5C%22%2C%5C%22current_utm_source%5C%22%2C%5C%22current_utm_campaign%5C%22%5D%2C%5C%22newvisitlistener%5C%22%3A%5B%5C%22new_visit_bc%5C%22%5D%2C%5C%22testgroup_prelistener%5C%22%3A%5B%5C%22testgroup%5C%22%5D%7D%7D%22%2C%22id%22%3A%221722489267096%22%7D%2C%7B%22method%22%3A%22addProperties%22%2C%22params%22%3A%22%7B%5C%22properties%5C%22%3A%7B%5C%22resolution%5C%22%3A%5B%5C%221600x1200%5C%22%5D%2C%5C%22utm_source%5C%22%3A%5B%5C%22fb%5C%22%5D%2C%5C%22utm_campaign%5C%22%3A%5B%5C%22NZ%2040-65%2B%20%E2%80%94%20%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F%5C%22%5D%7D%2C%5C%22sources%5C%22%3A%7B%5C%22listenerinteractiontype%5C%22%3A%5B%5C%22resolution%5C%22%2C%5C%22utm_source%5C%22%2C%5C%22utm_campaign%5C%22%5D%7D%7D%22%2C%22id%22%3A%221722489267097%22%7D%2C%7B%22method%22%3A%22createEvent%22%2C%22params%22%3A%22%7B%5C%22type%5C%22%3A%5B%5C%22PAGEVIEW%5C%22%5D%2C%5C%22referrer%5C%22%3A%5B%5C%22%5C%22%5D%2C%5C%22profile%5C%22%3A%5B%5D%7D%22%2C%22id%22%3A%221722489267098%22%7D%5D&referer=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&bcsessionid=&bctempid=&overruleReferrer=&time=2024-08-01T07%3A14%3A27%2B02%3A00&callback=bc_json938

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.203.121.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-121-133.compute-1.amazonaws.com

Software

- /

Resource Hash

121f3ca7a7cce223cf3a53866bac117c79c0466ff3235bdc32f69bed5b853dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
accept-ch: sec-ch-ua-platform-version
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 34
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
102 KB 79ms
57ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8T538V93BE&l=dataLayer&cx=c

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af4aeb28a95dd0ab421916d2fc73cb0cc558d56b29a1e7ca60907e3b6a120bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104498
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Aug 2024 05:14:27 GMT

GET
H2 200 /
cmp.osano.com/ Frame 061E 0
0 343ms
56ms Document
text/html 2600:9000:266e:e000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:e000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news24open.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 8591
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Thu, 01 Aug 2024 02:51:18 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
x-amz-cf-id: jls_-tnZv_KPC-oh2BrQ3vhTgz1ED42UEHh5VAcvxQdJoErfLCgYkg==
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 en.json
cmp.osano.com/Azyvw2RjdSp1u16xT/06f4b6e8-668b-4351-ace3-868c51b8553b/ Frame 0
0 704ms
417ms Preflight 2600:9000:266e:8600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/Azyvw2RjdSp1u16xT/06f4b6e8-668b-4351-ace3-868c51b8553b/en.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:8600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://news24open.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 01 Aug 2024 05:14:29 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 1e0f88a39289286be3e03ff93487da80.cloudfront.net (CloudFront)
x-amz-cf-id: ii4Mpwymc4qD6DJi5oKAjvi8pTBjYUpLvwn2Oeikg8GcqoSbDqrAcg==
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 404 osano-ui.js
news24open.com/lander/white--2-/js/ 0
0 94ms
87ms Script
text/html 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/lander/white--2-/js/osano-ui.js
Requested by: Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lhks%2B0O%2BwjRJJnKbcW2FKAqW542mzjyKBNJ49op2moQjb52dhp0D3Udp0gyCrP4C3mXA53kqTOXxarAZAtQPbzGVDlGN2ASLEs%2BPApIIop5%2B5HmRBQQpvoDo5vtjLVapZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8ac3584439bf362a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 en.json Show response
cmp.osano.com/Azyvw2RjdSp1u16xT/06f4b6e8-668b-4351-ace3-868c51b8553b/ 5 KB
3 KB 51ms
42ms XHR
application/json 2600:9000:266e:8600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/Azyvw2RjdSp1u16xT/06f4b6e8-668b-4351-ace3-868c51b8553b/en.json

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:8600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

36c516bb45ccf7a61a1b11870fac095832f2ba2df0a7282ccdd0bd460b533de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-amz-version-id: msZlNfYT2tBTIzJ7jQhNrdBV9KKQ0qiu
content-encoding: gzip
via: 1.1 1e0f88a39289286be3e03ff93487da80.cloudfront.net (CloudFront)
date: Wed, 31 Jul 2024 07:41:39 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
age: 77570
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 18:44:09 GMT
server: AmazonS3
etag: W/"a6ddc8955a39f179a1815acc8f85921a"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400, no-transform, public
x-amz-cf-id: 4X6pmJ_EJm79aJkpO6L-JPrDx-KNHP4_JWz7t0rJjnMNhvSilm0xMQ==

GET
H3 404 Gotham-Book_Web-hint-all.woff
news24open.com/pf/resources/fonts/gotham/woff/ 0
0 138ms
118ms Font
text/html 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/pf/resources/fonts/gotham/woff/Gotham-Book_Web-hint-all.woff?d=650
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Origin: https://news24open.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1dU7RQ8WN6h39P%2F5kj7rXPEUuxZWxH8U263hLbz9K7O4c5RRDPtgyjcvbG5MifCRUgxCVDNrpJVmNd4obbJdm3TnfuPMLXX1jC2wTQPFZhHc9sgFFUDJSaoqRehV3xgCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8ac35844ca27362a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 Gotham-Bold_Web-hint-all.woff
news24open.com/pf/resources/fonts/gotham/woff/ 0
0 137ms
118ms Font
text/html 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/pf/resources/fonts/gotham/woff/Gotham-Bold_Web-hint-all.woff?d=650
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Origin: https://news24open.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0xP0tWPbGXwM9H7V%2BUDQQnq2QEdtAe93avDLuG4l8G%2FfPRFrgbmo%2BhKBC0A98B2ru8mQDbZRPVGB04wSSv%2BN%2FF7rjLu3sFFITHoXPiyvSAqpAXruneH7CVt9YgWqXNzSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8ac35844ca29362a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 309ms
131ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

edbaba3e33e6e2a28f79590310a693f1a16c4be391f2017a8214809b0a62883f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31671
x-xss-protection: 0
server: cafe
etag: 212 / 19936 / 31085685 / config-hash: 558971391453262836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Aug 2024 05:14:28 GMT

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/Rf9SlZEFEoIG5IO3Tb7aSUnvsnc/gpt_and_prebid/ 100 KB
23 KB 601ms
443ms Script
text/javascript 104.18.20.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/Rf9SlZEFEoIG5IO3Tb7aSUnvsnc/gpt_and_prebid/config.js
Requested by: Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 716b62d9c1b96d69b382a3c26d583e6c0947ccbc40d18e9f8aa89eb35d99e19a

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:28 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
x-amz-request-id: Q2PVTBZPD7H1N2QB
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 22660
x-amz-id-2: 3bxkEEAWA79IPodIV5zNuIXoLeGKZUcCrTrsv1CeaMKWyovqSpAT4PSzgX8Q5fNxGu/wMfDolNZski+QXTWwDra7o0mzgrQl
last-modified: Thu, 01 Aug 2024 05:07:41 GMT
server: cloudflare
etag: "b743fa91268ae86c77f3ea1e6aea5e1b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
cf-ray: 8ac358470ec558f0-TXL

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 312 KB
78 KB 347ms
71ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57de7fe2b12a7adf68bde842a680e51423f5fb940c4fbade7dfb721e22907ec8

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:13:22 GMT
content-encoding: gzip
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jul 2024 20:38:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 67
x-amz-server-side-encryption: AES256
etag: W/"f3827e9e649a0910d70a775d66bf75b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 4Ce4-iOg1E3fn8ycbsPW0h70sXMaZiUXdjdMX6PUNbzGz8QrEF7L2A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 312ms
47ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Aug 2024 03:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7163
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 01 Aug 2024 05:15:05 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 252 B
542 B 516ms
248ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=dallasnews.com&domain=dallasnews.com&path=%2Fespanol%2Fal-dia%2Fnoticias%2F2016%2F05%2F24%2Fjoaquin-lopez-doriga-deja-el-noticiero-de-televisa%2F
Requested by: Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ab4a483597a5df59e50b6786f26251a8061fe544dbc61eb4113ca2c036833222

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Tue, 30 Jul 2024 05:14:28 GMT
date: Thu, 01 Aug 2024 05:14:28 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 188
x-served-by: cache-mxp6964-MXP
x-timer: S1722489268.477557,VS0,VE106
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 2 KB
876 B 374ms
77ms XHR
application/json 2a02:26f0:480:39a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=BSGJQ-G7REA-SZ6BB-4U6F2-E74CA&d=news24open.com&t=5741631&v=1.720.0&sl=0&si=2cdc73c3-6465-4041-853c-807f7c2a569d-shix82&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=548701
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/BSGJQ-G7REA-SZ6BB-4U6F2-E74CA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 56bdfad49e2bef588f7c924362f9e44365f552ff3f0bc087400cebabdd7c39d5

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:28 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 692

GET
H2 200 /
cmp.osano.com/ Frame C532 0
0 36ms
36ms Document
text/html 2600:9000:266e:e000:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:e000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news24open.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 8591
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Thu, 01 Aug 2024 02:51:18 GMT
etag: W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified: Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
x-amz-cf-id: jls_-tnZv_KPC-oh2BrQ3vhTgz1ED42UEHh5VAcvxQdJoErfLCgYkg==
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290101/ 473 KB
148 KB 109ms
104ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290101/pubads_impl.js?cb=31085685

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

770e2d6622225b1025023bc4e8d82fb783ecdbaf0a91dbd17231fb8af101a5e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 10:00:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69218
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151361
x-xss-protection: 0
server: cafe
etag: 14018776141689359811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 31 Jul 2025 10:00:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 68 B
72 B 254ms
76ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=news24open.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

110f94c866658f888a5e4f80e477f42dccabc9445560ebec9e49b58d4199b5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
x-xss-protection: 0
expires: Thu, 01 Aug 2024 05:14:28 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
438 B 347ms
137ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Aug 2024 05:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://news24open.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 299ms
54ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8T538V93BE&gtm=45je47v0v881430288z8811953197za200zb811953197&_p=1722489267103&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=458597714.1722489269&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2FksFHSHnn&sid=1722489268&sct=1&seg=0&dl=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&dt=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&en=page_view&_fv=1&_nsi=1&_ss=1&ep.contentRestrictions=&ep.author=AGENCIA%20REFORMA%20&ep.article_tags=noticias&ep.headline=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&ep.hostname=news24open.com&ep.article_publish_time=2016-05-24T03%3A53%3A25.000Z&ep.publish_date=2016-05-23&ep.publish_time=10%3A53%3A25%20PM&ep.article_id=NFGJQOT4T6GUKCBSZWFVDSQEGE&ep.arc_create_date=2019-07-08T17%3A25%3A10.028Z&ep.arc_published=2016-05-24T03%3A53%3A25.000Z&ep.content_group=%20-%20Noticias&ep.page_type=article&ep.parent_section=&ep.primary_section=Noticias&ep.gtm_tag_name=GA4%20-%20Page%20View&upn.dnLoggedIn=0&upn.Subscriber=0&up.InDMAByMetroCode=false&up.InDMAByCity=0&up.outputType=light&up.testGroup=2&up.bc_session_id=not%20found&tfd=2834
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8T538V93BE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 05:14:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news24open.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 402ms
119ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8T538V93BE&cid=458597714.1722489269&gtm=45je47v0v881430288z8811953197za200zb811953197&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250753
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8T538V93BE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 05:14:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news24open.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 220ms
57ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8T538V93BE&cid=458597714.1722489269&gtm=45je47v0v881430288z8811953197za200zb811953197&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250753&tag_exp=95250753&z=2097817142

Requested by

Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 05:14:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 149ms
43ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
date: Wed, 31 Jul 2024 06:25:42 GMT
x-amz-cf-pop: FRA2-C1
age: 82128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Q9Y-RytO9bZjO5oEfA4MmenxPtlnUqrY7HZ_BqDPWCvM79b98rkBLA==

GET
H3 200 script.js Show response
userstat.net/get/ 129 B
651 B 281ms
157ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstat.net/get/script.js?referrer=https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Requested by: Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: 15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://news24open.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHCAtfmsv%2FmXsJNv1GgSnlz1l8rAxGc21FtPusAMJ6MAX%2F2G4pUnOmyZ%2BnseQfePJOV1eXeMTiHs%2FAX6JhVT7mSQ7VB9FKV%2Fyc%2F83uWG%2B3FGLK9dr9xwsECfnq4myXw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8ac3584c3ef49bb0-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 69 KB
25 KB 388ms
252ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1548216901492635&correlator=3649695563336585&eid=31085557%2C31085739%2C31085685%2C31084180%2C95331444%2C31084215%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407290101&ptt=17&impl=fifs&ltd_cs=1&us_privacy=1---&iu_parts=11222444%2Cdmn%2Cal-dia%2Cnoticias%2Carticle%2CDMNOOP%2CdmnFrontHeaderLeft&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6&prev_iu_szs=1x1%2C120x60&ifi=1&sfv=1-0-40&ists=2&eri=1&sc=1&abxe=1&dt=1722489269229&lmt=1722489269&adxs=0%2C-12245933&adys=0%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&vis=1&psz=1600x0%7C0x0&msz=1600x0%7C0x0&fws=0%2C128&ohw=0%2C0&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722489266336&idt=2683&prev_scp=position%3DDMNOOP%7Cposition%3DTopLeft&cust_params=htlbidid%3D31900%26pageType%3Darticle%26site%3DDallas%2520Morning%2520News%26articleId%3DNFGJQOT4T6GUKCBSZWFVDSQEGE%26sectionId%3D%252Fespanol%252Fal-dia%252Fnoticias%26tags%3Dnoticias%26sectionSlice%3Dal-dia%252Fnoticias%26targetingSlice%3Dal-dia%252Fnoticias%252Farticle%26dnLoggedIn%3Dfalse%26isPremiumSubscriber%3Dfalse%26adTrackingConsent%3Dfalse%26outputType%3Dlight%26is_testing%3Dno%26breakpoint%3Ddesktop&adks=3594561138%2C3446898845&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290101/pubads_impl.js?cb=31085685

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

ef433d53a94b11c704b04cedf920d79a9b0ee204b347393ae8a42301601a6d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25758
x-xss-protection: 0
google-lineitem-id: -2,6451239058
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138464229434
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news24open.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fee6b4e221be1cf22c8b2751864ae829.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A107 0
0 952ms
551ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fee6b4e221be1cf22c8b2751864ae829.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Aug 2024 05:14:29 GMT
expires: Thu, 01 Aug 2024 05:14:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
367 B 705ms
368ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Aug 2024 05:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://news24open.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 617ms
218ms Image
image/png 52.217.95.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=649984ef93a4
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.95.1 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 05:14:30 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: 2K3RA6A3H512YS7E
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: FPQOmLxMnLdL9HgJAQB90zNqhq5IMogdXIrklQcDORh2dR/5Hoa7ty7f+EGAhO+RAQDXxbfv7R4=

GET
BLOB 200
OK 53e4c84d-c57c-42c1-874b-be5730288dd1
https://news24open.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://news24open.com/53e4c84d-c57c-42c1-874b-be5730288dd1
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 398be1957b04ff4b5cd8b2ab2c8c5d4cbbf6fe80494683275410f22b2563e116

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202407090940/ 284 KB
101 KB 60ms
59ms Script
application/javascript 104.18.20.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202407090940/wrap.js
Requested by: Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:29 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: VXWCC8F293C8YEKN
age: 1945003
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 103346
x-amz-id-2: 0NmtBASJmgTE7Nyl4f2io+Qot59SvuYqFWoXFKlcqdtjzRV7GTQed1Stkm1mEwdqtwfvxtvWzw8=
last-modified: Tue, 09 Jul 2024 14:20:21 GMT
server: cloudflare
etag: "76074361c87e7c8d3af88302818b71f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ac3584dcb4058f0-TXL

GET
BLOB 200
OK 70929aef-d387-4dd9-9900-95d2297e662e
https://news24open.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://news24open.com/70929aef-d387-4dd9-9900-95d2297e662e
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 398be1957b04ff4b5cd8b2ab2c8c5d4cbbf6fe80494683275410f22b2563e116

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 219ms
90ms Script
application/x-javascript 2600:9000:2646:5a00:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:5a00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 16:20:37 GMT
content-encoding: gzip
via: 1.1 5cf26f8164e0cad37f6634ff6aeac4ce.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 46432
etag: W/"665fad8c-9895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: XELhcFaqZkAvbUv8KkEhcvvYmFBxeWW3jQuHeQxn4GjoYZiBLpDBvg==
expires: Thu, 01 Aug 2024 16:20:37 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 153ms
46ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1171692305&t=pageview&_s=1&dl=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&ul=de-de&de=UTF-8&dt=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAQCACAAI~&jid=430776483&gjid=1705681543&cid=458597714.1722489269&tid=UA-66844027-2&_gid=938224237.1722489270&_r=1&_slc=1&gtm=45He45k0n81MXT3G5Fv811953197za200&cd8=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&cd9=NFGJQOT4T6GUKCBSZWFVDSQEGE&cd10=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&cd11=AGENCIA%20REFORMA%20&cd26=0&cd29=not%20found&cd30=0&cd31=noticias&cd33=Not%20Found&cd34=&cd35=https%3A%2F%2Fwww.dallasnews.com%2Fespanol%2Fal-dia%2Fnoticias%2F2016%2F05%2F24%2Fjoaquin-lopez-doriga-deja-el-noticiero-de-televisa%2F&cd37=0&cd38=light&cd45=0&cd46=0&cd51=0&cd53=2016-05-24T03%3A53%3A25.000Z&cd56=2016-05-23&cd57=10%3A53%3A25%20PM&cd66=NFGJQOT4T6GUKCBSZWFVDSQEGE&cd67=article&cd69=2019-07-08T17%3A25%3A10.028Z&cd70=2016-05-24T03%3A53%3A25.000Z&gcd=13l3l3l3l1&dma=0&z=858358077

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 05:14:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news24open.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 133ms
47ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1171692305&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&ul=de-de&de=UTF-8&dt=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=feed-default&ea=visible%7Carticle%7Cright-rail%7C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Top%20Espa%C3%B1ol%20Stories%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20&_u=aADAAEABAAQCACAAI~&jid=&gjid=&cid=458597714.1722489269&tid=UA-66844027-2&_gid=938224237.1722489270&gtm=45He45k0n81MXT3G5Fv811953197za200&cd8=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&cd9=NFGJQOT4T6GUKCBSZWFVDSQEGE&cd10=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&cd11=AGENCIA%20REFORMA%20&cd26=0&cd29=not%20found&cd30=0&cd31=noticias&cd33=Not%20Found&cd34=&cd35=https%3A%2F%2Fwww.dallasnews.com%2Fespanol%2Fal-dia%2Fnoticias%2F2016%2F05%2F24%2Fjoaquin-lopez-doriga-deja-el-noticiero-de-televisa%2F&cd37=0&cd38=light&cd45=0&cd46=0&cd51=0&cd53=2016-05-24T03%3A53%3A25.000Z&cd56=2016-05-23&cd57=10%3A53%3A25%20PM&cd66=NFGJQOT4T6GUKCBSZWFVDSQEGE&cd67=article&cd69=2019-07-08T17%3A25%3A10.028Z&cd70=2016-05-24T03%3A53%3A25.000Z&gcd=13l3l3l2l1&dma=0&npa=1&z=1382841517

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 15:04:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51018
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 130ms
45ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1171692305&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&ul=de-de&de=UTF-8&dt=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=feed-default&ea=visible%7Carticle%7Cright-rail%7C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20More%20Stories%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20&_u=aADAAEABAAQCACAAI~&jid=&gjid=&cid=458597714.1722489269&tid=UA-66844027-2&_gid=938224237.1722489270&gtm=45He45k0n81MXT3G5Fv811953197za200&cd8=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&cd9=NFGJQOT4T6GUKCBSZWFVDSQEGE&cd10=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&cd11=AGENCIA%20REFORMA%20&cd26=0&cd29=not%20found&cd30=0&cd31=noticias&cd33=Not%20Found&cd34=&cd35=https%3A%2F%2Fwww.dallasnews.com%2Fespanol%2Fal-dia%2Fnoticias%2F2016%2F05%2F24%2Fjoaquin-lopez-doriga-deja-el-noticiero-de-televisa%2F&cd37=0&cd38=light&cd45=0&cd46=0&cd51=0&cd53=2016-05-24T03%3A53%3A25.000Z&cd56=2016-05-23&cd57=10%3A53%3A25%20PM&cd66=NFGJQOT4T6GUKCBSZWFVDSQEGE&cd67=article&cd69=2019-07-08T17%3A25%3A10.028Z&cd70=2016-05-24T03%3A53%3A25.000Z&gcd=13l3l3l2l1&dma=0&npa=1&z=1326555677

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jul 2024 15:04:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51018
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 640ms
120ms Image
image/gif 34.206.22.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=dallasnews.com&p=%2Fespanol%2Fal-dia%2Fnoticias%2F2016%2F05%2F24%2Fjoaquin-lopez-doriga-deja-el-noticiero-de-televisa%2F&u=vOvpWDvX5MRD8gmUF&d=dallasnews.com&g=38837&g0=espanol&g1=AGENCIA%20REFORMA%20&n=1&f=00001&c=0&x=0&m=0&y=3288&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922&b=4396&_c=NZ%2040-65%2B%20%E2%80%94%20%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&_x=fb&t=NqMAeC4DZDfDIqvOVzVWWgCLU4NY&V=147&i=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&tz=-120&_acct=anon&sn=1&sv=DokiRrDIXEpdYu_m2CisfA0BHq44V&sr=external&sd=1&im=067bfcdf&_
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.22.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-22-44.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Thu, 01 Aug 2024 05:14:31 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
content-type: image/gif

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9BC9 0
0 280ms
107ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssoD0D4MBwJfKCQ8GvD95712OTHK2c02UJF2JcwwbQW5M3KZ56LZyTDmQ6OKd-pBvsqqvn3pEw5wyBNjliVbdwlPxo5TrGGMu6F_z23c1mWInqS6Gtj6Gg84rkiR6aXyc1t0U-DEagCPeyJmgPYwSyxbSr_Qm1_TgpVMDAobXneaeg4nxI9RNMiVCaafmm0drFSTYX89ndzb6oftS_0XCTK5OHME5-lWUHRQzM5TQXR3D9dYD2Rgdbz6mMvtZIsqXJL1VlxRByeL4OVMlnZf3OPkrzUd1sc8OOZKiFrqmYz40SAXj7lOHHyqqgC-T8YJmkhj_1Ot-ktPnpjQqvVzMHWzSAwzQ1PVCyfjYugFpJ5fSIinOVzA9rdazMXph0Qpjs7lFrQC3w&sig=Cg0ArKJSzC9kUIDt2Q56EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240729/r20110914/ Frame 9BC9 23 KB
9 KB 379ms
226ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240729/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 14:25:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Aug 2024 14:25:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240729/r20110914/client/ Frame 9BC9 3 KB
1 KB 379ms
226ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240729/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 14:25:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Aug 2024 14:25:46 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9BC9 203 KB
63 KB 228ms
75ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:01:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64460
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-9
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Aug 2024 06:01:10 GMT

GET
H2 200 2696895146247139557
tpc.googlesyndication.com/simgad/ Frame 9BC9 6 KB
6 KB 254ms
66ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2696895146247139557

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05d44ad99ee40499da6270b5a8ca341920e9d96970be59ddc9cfca2438461a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Tue, 30 Jul 2024 15:58:29 GMT
x-content-type-options: nosniff
age: 134161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5639
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 16:23:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Jul 2025 15:58:29 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 77ms
57ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8T538V93BE&gtm=45je47v0v881430288z8811953197za200zb811953197&_p=1722489267103&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=458597714.1722489269&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&dp=%2FksFHSHnn&sid=1722489268&sct=1&seg=0&dl=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&dt=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&_s=2&tfd=4678
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8T538V93BE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 05:14:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news24open.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 9BC9 0
0 78ms
76ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvc_icrG_ArknmaqPf03Bos2LYzi1vb1pqokXZo0YfIG1V-E8G3wrFolKHMJ7Ey6hUqjIDzC16pVSILIYrsJLOcZIbBYudB2gQxmdifmnY6N86OaAE76FWtVOZMrVzea0N_BPXBaQ01AhZ2B_biRnSbbx7GIp9ZW_zR1k6odORzTejMPvwFUNDGfG9n4iTlHCo2JXzNLgC4Mj0sFk702twJFuWeX_j7OQKi5qYlgh201tHHS9mEDsJx_anqB0xcp86b07yvabR9E270s-413c2soHvAWR5mrDMi8NpC0W3Yj_mniBJ_7994FEQFSrmHHDu70TmzUwzz9tmwekKQKG-ydNw18dgBcQcekPpKfJupbMxQfM2d_IoP7w63WagdJQPrysqQXEJXnQ&sig=Cg0ArKJSzMrw50tYzI3UEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BC9 0
0 78ms
77ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 05:14:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 130ms
130ms Image
image/gif 54.145.241.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjQ1MTIzOTA1OCIsImVidXkiOiIzMzAwNzgxMTg4IiwiZWFkdiI6IjUyMjM2MzQyODgiLCJlY2lkIjoiMTM4NDY0MjI5NDM0IiwiZWVudiI6ImoiLCJlcGlkIjoiMjE4NDIzMjI5NDMiLCJlc2lkIjoiMTAyMjI1NjQifQ&tv=js-3.0.162&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=de-DE&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=11&tvcfg=js&tid=479a78e6-85c8-4ac1-bc7b-c6452f6c6d97&pid=6b1b6db5-a7b3-4b9a-860a-97ffa7c23385&dtm=1722489271183&qnm=_matherq&visible=1&tabid=4ea280ef-6043-41cb-9115-d83f2de61bd7&url=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&curl=https%3A%2F%2Fwww.dallasnews.com%2Fespanol%2Fal-dia%2Fnoticias%2F2016%2F05%2F24%2Fjoaquin-lopez-doriga-deja-el-noticiero-de-televisa%2F&vp=1600x1200&ds=1600x3288&tofa=1722489267&vid=1&lvidt=1722489267&duid=da11a6c3-39a8-48ed-8ef3-8a31f3bd75a6&fp=3277385531&cid=ma21466&mrk=72969414
Requested by: Host: news24open.com
URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.241.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-241-159.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 01 Aug 2024 05:14:31 GMT
Connection: keep-alive
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 286ms
282ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407290101/pubads_impl.js?cb=31085685

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

43b7b35e95bdf1dd9fb22185f7921816c46ed078d8edc34dd7bfa85d9bd6da48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12882
x-xss-protection: 0

GET
H3 404 favicon.ico
news24open.com/ 548 B
535 B 86ms
82ms Other
text/html 172.67.162.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news24open.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dZG7bgx5CnOMipZVxHmw6lm5nkXlrFeD%2BqCjDuZRrmym9y0%2FWdWkRYirVwQzpYjlIZWB6yA%2BZLTbA1m06w2Q3mzanFYQ%2BV2%2FcyoYoouAFgo1QwAPFIYRzXx8F%2FhiDMEHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8ac3585afde0362a-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

results.txt Show response
kd7qo2qccn7jgzvldg3q-pvl5fd-3f576875b-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pvl5fdm6b
https://kd7qo2qccn7jgzvldg3q-pvl5fd-3f576875b-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

266ms
41ms

XHR
text/plain

2.19.126.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kd7qo2qccn7jgzvldg3q-pvl5fd-3f576875b-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2.19.126.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-147.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 05:14:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kd7qo2qccn7jgzvldg3q-pvl5fd-3f576875b-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Thu, 01 Aug 2024 05:14:31 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqjiathaajekqce3yajaaab5tkwgnx-pvl5fd-9557f0ada-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pvl5fdm6b
https://fiaqjiathaajekqce3yajaaab5tkwgnx-pvl5fd-9557f0ada-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

264ms
43ms

XHR
text/plain

2a02:26f0:480:f::213:7ee3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqjiathaajekqce3yajaaab5tkwgnx-pvl5fd-9557f0ada-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:480:f::213:7ee3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 01 Aug 2024 05:14:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqjiathaajekqce3yajaaab5tkwgnx-pvl5fd-9557f0ada-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin: *
Date: Thu, 01 Aug 2024 05:14:31 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:14:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 05:14:31 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4816 0
0 344ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: news24open.com
URL: https://news24open.com/lander/white--2-/js/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 130271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jul 2024 17:03:21 GMT
expires: Wed, 30 Jul 2025 17:03:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 /
0217991d.akstat.io/ 0
225 B 143ms
136ms Ping
image/gif 2a02:26f0:480:d8f::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://0217991d.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/BSGJQ-G7REA-SZ6BB-4U6F2-E74CA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8f::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 05:14:32 GMT
content-type: image/gif
access-control-allow-origin: https://news24open.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
expires: Thu, 01 Aug 2024 05:14:32 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 57ms
57ms Fetch
text/plain 216.239.34.36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8T538V93BE&gtm=45je47v0v881430288za200zb811953197&_p=1722489267103&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=458597714.1722489269&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=3&dp=%2FksFHSHnn&sid=1722489268&sct=1&seg=0&dl=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&dt=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&en=ad_impression&ep.contentRestrictions=&ep.author=AGENCIA%20REFORMA%20&ep.article_tags=noticias&ep.headline=Kerre%20Woodham%20deja%20%E2%80%9CEl%20Noticiero%E2%80%9D%20de%20Televisa&ep.hostname=news24open.com&ep.article_publish_time=2016-05-24T03%3A53%3A25.000Z&ep.publish_date=2016-05-23&ep.publish_time=10%3A53%3A25%20PM&ep.article_id=NFGJQOT4T6GUKCBSZWFVDSQEGE&ep.arc_create_date=2019-07-08T17%3A25%3A10.028Z&ep.arc_published=2016-05-24T03%3A53%3A25.000Z&ep.content_group=%20-%20Noticias&ep.page_type=article&ep.parent_section=&ep.primary_section=Noticias&ep.query_id=CLzso8iE04cDFfWJgwcd0scKRg&_et=766&tfd=9678
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8T538V93BE&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://news24open.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Aug 2024 05:14:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news24open.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dallasmorningnews.blueconic.net
URL: https://dallasmorningnews.blueconic.net/DG/DEFAULT/rest/rpc/937?referer=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&bcsessionid=&bctempid=&overruleReferrer=&time=2024-08-01T07%3A14%3A27%2B02%3A00&ts=1722489267095

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407290101&jk=1548216901492635&bg=!7-yl7KPNAAZTFZZkcxU7ADQBe5WfOFCY_2mTRx090WyfAG3MNViRar7xGm96Zji-_BHsw4BoKb3NBJNHjV0xWC4xiPUUAgAAAMFSAAAABWgBB34ANrge1gIRBxG1s0kYm6nLyo-QakjU14AlzkrZ8UVJSVY6S3l75_wqYc23Twm0Egya3w75q6CDDZkC8Svf6Cy4HgOl3bLbVZdNQjM5VqWnSZalTgQ17jbeP_DGEKsQYMwbJ1EMi04G7BJGyWsxCImtwi3m2X56sEVvbjQY9H33fjJMaPuB5O4uyN_iBVdp1YkhlFJbqegkPy0iQklJtBf-FnmdpS4J000N3BzZSOYKf5BdqiWwT1MntFxxhWMjkGlc-zHe5g9Fqf4L5IddM8155i0hLGJpQcUVKD2Hl60PJPKY-iU6acFJTPvz13gOrLlofwaSpUpd78OvwolFEQ3_nlWuW5ohjHwQPSmFFz74fGUdOYKU41rdXzTLkte3mawf45fs7CAvxtIJI8a_MqHM8pD5bCx4N3mMwpxvJxMUFcleoFvz4LnA5TE3pb7srhfaXafwkpXiqJoKvEdRe64r_yKwWRBz2PO7_dLwbSQz6od4eQG8sgDbq96JLJkfN1-7oLFWlA8s-RfeLJjJukRCFW_spv5dmA-cVKw269UzBlg1KnHO3t84VF6ZGKJm-mTigACtampQ_QeUPPqAu3OsI3vawEiGBEKXj3oKvFIsCFTkm9jJx0V9ma74r5GyAtNqp619fm8_PwmuaF4H9Ye19u9JJLJCsh1uUsjPg83lguVHJMODOHpVQzMapoQFLSal24Q8bedqAds-Mc_NgNKqUYT3bchHm5dMbytkaIhgxNKWLxpqw8LtYsPcQ7C033CuKbTgWUl01hfRZa-CXX2n9njcgB_o1v4yI3KEHRMUsiJzKS9ml6yFmmgMddAEYwlIUF9wLkdPPUSudWAUZEGHV6v0YLy2e-ZAK86NAZV7yJVxYXxvER4TmO3uket2xAxC1oKcedfwq6Sa4pqCo-Agzc7o8W-BfDht7vjKp-FJWVlrbxnzcA5gzdiugzIKdfCiylkUWgTqptr8afb3TaN6d8ckNFhc4ws3d7844pTS0-RFu6dN6JE2qOyWC3rFXxR0p7tn1wB7x7POt9v9vUA_pDjQM6FEZMWSylK07cDVa5gq2EDUq5wh-hRuJw

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
news24open.com/	1970-01-20 23:12:47	Name: _subid Value: nvlutp12vool
news24open.com/	1970-01-21 08:04:09	Name: 5d608 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjk1MTU3XCI6MTcyMjQ4OTI2Nn0sXCJjYW1wYWlnbnNcIjp7XCIxMTg4NlwiOjE3MjI0ODkyNjZ9LFwidGltZVwiOjE3MjI0ODkyNjZ9In0.r2B4yiZ-hWwV4yEhNYCBgb0pnqxKxjPmE_1Bi_7PkU4
news24open.com/	1969-12-31 23:59:59	Name: 08374fe6lp11886 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiODI1MSJ9.drZ0rW3EN5nBWGNuP361lE6ARaAf04scAQMiQrzn7V4
news24open.com/	1969-12-31 23:59:59	Name: 08374fe6lp11886ip Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiXCIyYTAxOjRhMDoxMzM4OjkyOjoxMlwiIn0.ry54SM50qyxhm3aiADmYnKtInXMTYMmHeUnHTCVzyCA
.news24open.com/	1970-01-20 22:28:11	Name: _ml_ses Value: *
news24open.com/	1970-01-21 07:13:45	Name: last_visit_bc Value: 1722489267076
.news24open.com/	1970-01-21 07:13:45	Name: bc_tstgrp Value: 2
news24open.com/	1970-01-20 22:28:49	Name: PHPREFS Value: full
dallasmorningnews.blueconic.net/	1970-01-20 22:38:14	Name: AWSALBCORS Value: 5ZqdAkJSTA5t/M1hWKvl36Ks97y1+qQ7D0W/fHunFIRJ5V/t5abPMpxI8CFIWeTZToFMJ/xCr5NvpfO2OTIKhvbrjdGPNwCRedLdjYwCsNdRwFgfiaQ2USskRQzA
news24open.com/	1970-01-20 22:38:14	Name: sharedid Value: 8bda1c0c-1013-4da8-9383-c2caa3e15c36
news24open.com/	1970-01-20 22:38:14	Name: sharedid_cst Value: VyxHLMwsHQ%3D%3D
.news24open.com/	1970-01-20 22:28:12	Name: AMP_TOKEN Value: %24NOT_FOUND
.news24open.com/	1970-01-21 08:04:09	Name: _ga Value: GA1.2.458597714.1722489269
.news24open.com/	1970-01-20 22:29:35	Name: _gid Value: GA1.2.938224237.1722489270
.news24open.com/	1970-01-20 22:28:09	Name: _gat_UA-66844027-2 Value: 1
.news24open.com/	1970-01-21 07:56:57	Name: _chartbeat2 Value: .1722489270358.1722489270358.1.DokiRrDIXEpdYu_m2CisfA0BHq44V.1
.news24open.com/	1970-01-21 08:04:09	Name: _ga_8T538V93BE Value: GS1.1.1722489268.1.0.1722489270.58.0.0
.news24open.com/	1970-01-21 08:04:09	Name: _ml_id Value: da11a6c3-39a8-48ed-8ef3-8a31f3bd75a6.1722489267.1.1722489271.1722489267

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://news24open.com/lander/white--2-/pf/resources/fonts/gotham/woff2/Gotham-Book_Web-kern-latin.woff2?d=650 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://news24open.com/lander/white--2-/pf/resources/fonts/gotham/woff2/Gotham-Bold_Web-kern-latin.woff2?d=650 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://news24open.com/lander/white--2-/EO4AJRLMAH4LVKXTQILAPFVQIM.jpg Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://news24open.com/ksFHSHnn?utm_creative=5&utm_campaign=NZ+40-65%2B+%E2%80%94+%D0%9A%D0%BE%D0%BF%D0%B8%D1%8F&utm_source=fb&utm_placement=Facebook_Desktop_Feed&campaign_id=6580076270203&adset_id=6580076269603&ad_id=6580076278203&adset_name=40-65%2B&fbpixel=1496647847579922&s...%20406%20...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA(Line 1652) Message: Access to XMLHttpRequest at 'https://dallasmorningnews.blueconic.net/DG/DEFAULT/rest/rpc/937?referer=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&bcsessionid=&bctempid=&overruleReferrer=&time=2024-08-01T07%3A14%3A27%2B02%3A00&ts=1722489267095' from origin 'https://news24open.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://dallasmorningnews.blueconic.net/DG/DEFAULT/rest/rpc/937?referer=https%3A%2F%2Fnews24open.com%2FksFHSHnn%3Futm_creative%3D5%26utm_campaign%3DNZ%2B40-65%252B%2B%25E2%2580%2594%2B%25D0%259A%25D0%25BE%25D0%25BF%25D0%25B8%25D1%258F%26utm_source%3Dfb%26utm_placement%3DFacebook_Desktop_Feed%26campaign_id%3D6580076270203%26adset_id%3D6580076269603%26ad_id%3D6580076278203%26adset_name%3D40-65%252B%26fbpixel%3D1496647847579922%26s...%2520406%2520...ifg_aem_XQ2eq9mXkEjIdCWWACzzQA&bcsessionid=&bctempid=&overruleReferrer=&time=2024-08-01T07%3A14%3A27%2B02%3A00&ts=1722489267095 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://news24open.com/pf/resources/fonts/gotham/woff2/Gotham-Book_Web-hint-all.woff2?d=650 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://news24open.com/pf/resources/fonts/gotham/woff2/Gotham-Bold_Web-hint-all.woff2?d=650 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://news24open.com/pf/resources/fonts/gotham/woff/Gotham-Bold_Web-hint-all.woff?d=650 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://news24open.com/pf/resources/fonts/gotham/woff/Gotham-Book_Web-hint-all.woff?d=650 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://news24open.com/lander/white--2-/js/osano-ui.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://news24open.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0217991d.akstat.io
ampcid.google.com
ampcid.google.de
ams-pageview-public.s3.amazonaws.com
c.amazon-adsystem.com
c.go-mpulse.net
cdn.confiant-integrations.net
cmp.osano.com
dallasmorningnews.blueconic.net
fee6b4e221be1cf22c8b2751864ae829.safeframe.googlesyndication.com
fiaqjiathaajekqce3yajaaab5tkwgnx-pvl5fd-9557f0ada-clienttons-s.akamaihd.net
htlbid.com
js.matheranalytics.com
kd7qo2qccn7jgzvldg3q-pvl5fd-3f576875b-clientnsv4-s.akamaihd.net
mab.chartbeat.com
news24open.com
pagead2.googlesyndication.com
ping.chartbeat.net
region1.analytics.google.com
s.go-mpulse.net
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
userstat.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.i.matheranalytics.com
dallasmorningnews.blueconic.net
pagead2.googlesyndication.com
104.18.20.97
107.178.250.234
13.224.186.120
13.32.27.92
142.250.186.131
142.250.186.66
172.67.162.237
188.114.97.3
2.19.126.147
2001:4860:4802:32::36
216.239.34.36
216.58.206.34
2600:9000:2646:5a00:18:1fcd:354:4b41
2600:9000:266e:8600:3:b7e:8940:93a1
2600:9000:266e:e000:3:b7e:8940:93a1
2606:4700:3032::ac43:a2ed
2a00:1450:4001:801::2008
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:828::2001
2a00:1450:4001:82f::200e
2a00:1450:400c:c06::9a
2a02:26f0:480:39a::11a6
2a02:26f0:480:d8f::11a6
2a02:26f0:480:f::213:7ec8
2a02:26f0:480:f::213:7ee3
2a04:4e42:400::714
34.203.121.133
34.206.22.44
52.217.95.1
54.145.241.159
0026acc8c42b8e7f2b7cd7196df0fd5c4215e663b17f455694bd4d9abb2e1369
00f96a430ce1f78bdfb7501b0ff2e5ea71a0277502e465fdf1eda69060eda97a
05d44ad99ee40499da6270b5a8ca341920e9d96970be59ddc9cfca2438461a6d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
110f94c866658f888a5e4f80e477f42dccabc9445560ebec9e49b58d4199b5e5
121f3ca7a7cce223cf3a53866bac117c79c0466ff3235bdc32f69bed5b853dcd
1276539ffd96d382638d4658a98726f7dfdf533e014eb0f24f112de3559ca17b
15baefcf5a97a4aa502380191c153c89b99fdff92e709d6eb4b438a9133a1eb5
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67
18c5d0985737e311ccaafa2aa98c38958ac96f7766cd532c563f4350edae2514
19ba9846381f2de19bff982ee4a7a4ad9289b87cb2f54ff87523fb6510ad3e98
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d3ec73884fd2e63fb637af556b4725f116702bab37326dbf7ce0e876d7b1587
258751aa13536e1fbb3256b102e84d1848b54481bb40bc323e547807624e1c48
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
319a4d261f8433591b683e3f488cdef2b6b7e738982606e6cbdff0bc96e1f808
31f1fecdab9f152b566470e7bf4d24ac6d6f42c71d106e89f36d4a1b08da05a4
36c516bb45ccf7a61a1b11870fac095832f2ba2df0a7282ccdd0bd460b533de7
398be1957b04ff4b5cd8b2ab2c8c5d4cbbf6fe80494683275410f22b2563e116
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3ad7b33e22257bb3b53ee21f07253af2a36d8f4ffc39913b672b595b03a94ea8
3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3
3c83afd33e06c7a0b345273d10b4cdfd54fb82fd9941a57840740ed81202e3a9
3e28dc3142795a309fb9e584a8f9c0e286ae946a50b4081d8f8ef1b4bedec8e7
3ffcc47413c7b4e562bb6d5f35073f12c3a54019feb1f691eeb32049dba3316b
43b7b35e95bdf1dd9fb22185f7921816c46ed078d8edc34dd7bfa85d9bd6da48
55515df4f1ebcfc3e854d571e7fda4cac4fea77be7038469eb142043c511cf30
56bdfad49e2bef588f7c924362f9e44365f552ff3f0bc087400cebabdd7c39d5
579ee4f14d0c55c0429e95d5328331e314c6c494b3000a6ae716ac15392a033a
57de7fe2b12a7adf68bde842a680e51423f5fb940c4fbade7dfb721e22907ec8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6a8e120d4014756b8d45064b40fb25e46ab4c0226daf69598801e0bbd8a92e50
6b21a5c684da2990ab5bc3376153839168a9b119a95b174a71759c926c9b1ce2
716b62d9c1b96d69b382a3c26d583e6c0947ccbc40d18e9f8aa89eb35d99e19a
770e2d6622225b1025023bc4e8d82fb783ecdbaf0a91dbd17231fb8af101a5e9
793ec1b6519d67820cbffc2057a0242fa63a1c35c7a38b478c5ef3c76beb9945
79ae83d24ae04295e506c49f7e11098cb5b632fe7ea38691943cef97518187a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443
84c7ec379b6cab3941819a9d693bcfb74e197fd541956e739ab572fa2acacf1a
94d2f1b2d7e7ce90be43d1b850a4b8aaaa736bc17af23dc82a5d7622d9c6c91d
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a22592e8eb3acfae27c26f4e51cc477c5ca8b8ff43bcf3a613ea8adcf4bf9486
ab4a483597a5df59e50b6786f26251a8061fe544dbc61eb4113ca2c036833222
af4aeb28a95dd0ab421916d2fc73cb0cc558d56b29a1e7ca60907e3b6a120bd8
bd8e859af8655f7e96a6f5b5f71cc28152a677b8cea6108e3010aab8e485df07
c124b885ae4cdd4ebb106f3b87dd694494a3f3151b1bb541acc744ffe3bab3c4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1ced19fd0d79fe458138eef227db8b098b35770390a94a0b0095a5b2106967c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edbaba3e33e6e2a28f79590310a693f1a16c4be391f2017a8214809b0a62883f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef433d53a94b11c704b04cedf920d79a9b0ee204b347393ae8a42301601a6d9e
f4e5452ff0ae2c43b5264144c658f1647632a3d1d47f7f62d9e6161a16a702d5
fe2f10e0872d89e50abbf3588ba2048987ea8e1ee497afd7fa9eee9c70274135

news24open.com Open in urlscan Pro 2606:4700:3032::ac43:a2ed Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

91 %HTTPS

53 %IPv6

20 Domains

31 Subdomains

32 IPs

5 Countries

1938 kBTransfer

6639 kBSize

18 Cookies

0 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

news24open.com Open in urlscan Pro
2606:4700:3032::ac43:a2ed Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

91 %
HTTPS

53 %
IPv6

20
Domains

31
Subdomains

32
IPs

5
Countries

1938 kB
Transfer

6639 kB
Size

18
Cookies

91 HTTP transactions
0 data transactions