urlscan.io logo urlscan.io
SecurityTrails logo

herenewing.com Open in urlscan Pro
13.35.93.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://herenewing.com/
Effective URL: https://herenewing.com/
Submission: On November 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 2 countries across 19 domains to perform 76 HTTP transactions. The main IP is 13.35.93.72, located in United States and belongs to AMAZON-02, US. The main domain is herenewing.com. The Cisco Umbrella rank of the primary domain is 888080.
TLS certificate: Issued by Amazon RSA 2048 M03 on May 14th 2024. Valid for: a year.
This is the only time herenewing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.35.93.72 16509 (AMAZON-02)
2 172.105.196.206 63949 (AKAMAI-LI...)
1 34.54.12.158 396982 (GOOGLE-CL...)
13 34.36.197.63 396982 (GOOGLE-CL...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 34.111.184.159 396982 (GOOGLE-CL...)
5 142.250.80.66 15169 (GOOGLE)
6 142.251.40.162 15169 (GOOGLE)
2 142.251.40.100 15169 (GOOGLE)
1 108.138.128.46 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2620:100:a00b::4 19750 (AS-CRITEO)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.40.130 15169 (GOOGLE)
2 4 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 52.22.132.221 14618 (AMAZON-AES)
2 8.221.104.121 45102 (ALIBABA-C...)
1 2620:100:a00b... 19750 (AS-CRITEO)
3 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 35.244.159.8 396982 (GOOGLE-CL...)
2 3 142.250.176.206 15169 (GOOGLE)
9 142.250.65.174 15169 (GOOGLE)
1 142.250.81.226 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
76 31
1    13.35.93.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-72.jfk50.r.cloudfront.net
herenewing.com
2    172.105.196.206 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1838-206.members.linode.com
fonts.font.im
fonts.gstatic.font.im
1    34.54.12.158 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 158.12.54.34.bc.googleusercontent.com
sdk.beesads.com
13    34.36.197.63 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.197.36.34.bc.googleusercontent.com
img.enjoy4fun.com
4    2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    34.111.184.159 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.184.111.34.bc.googleusercontent.com
api.gamebridge.games
5    142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
pagead2.googlesyndication.com
6    142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
securepubads.g.doubleclick.net
2    142.251.40.100 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f4.1e100.net
www.google.com
1    108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)
56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com
2    142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
googleads.g.doubleclick.net
4    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    52.22.132.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-132-221.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    8.221.104.121 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
deapi.funsdata.com
1    2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
4    2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
3    142.250.176.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f14.1e100.net
analytics.google.com
9    142.250.65.174 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f14.1e100.net
fundingchoicesmessages.google.com
1    142.250.81.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
ep1.adtrafficquality.google
2    2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
Apex Domain
Subdomains		 Transfer
21 google.com
www.google.com — Cisco Umbrella Rank: 4
analytics.google.com — Cisco Umbrella Rank: 170
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 684
74 KB
13 enjoy4fun.com
img.enjoy4fun.com — Cisco Umbrella Rank: 156854
100 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 244
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
td.doubleclick.net — Cisco Umbrella Rank: 231
280 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 127
56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com
280 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
326 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 530
ep2.adtrafficquality.google — Cisco Umbrella Rank: 539
19 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3296
google-bidout-d.openx.net — Cisco Umbrella Rank: 3168
488 B
2 funsdata.com
deapi.funsdata.com — Cisco Umbrella Rank: 23250
683 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1258
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1277
13 KB
2 font.im
fonts.font.im — Cisco Umbrella Rank: 197911
fonts.gstatic.font.im
10 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 480
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2769
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1518
7 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 889
13 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3333
1 KB
1 gamebridge.games
api.gamebridge.games — Cisco Umbrella Rank: 122251
898 B
1 beesads.com
sdk.beesads.com — Cisco Umbrella Rank: 122069
31 KB
1 herenewing.com
herenewing.com — Cisco Umbrella Rank: 888080
56 KB
76 19
Domain Requested by
13 img.enjoy4fun.com herenewing.com
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
7 analytics.google.com 4 redirects www.googletagmanager.com
6 securepubads.g.doubleclick.net sdk.beesads.com
securepubads.g.doubleclick.net
5 pagead2.googlesyndication.com sdk.beesads.com
pagead2.googlesyndication.com
4 www.google-analytics.com herenewing.com
4 www.googletagmanager.com herenewing.com
www.googletagmanager.com
3 56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 deapi.funsdata.com sdk.beesads.com
2 oajs.openx.net 1 redirects herenewing.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google.com www.googletagmanager.com
ep2.adtrafficquality.google
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 gum.criteo.com static.criteo.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 api.gamebridge.games sdk.beesads.com
1 fonts.gstatic.font.im fonts.font.im
1 sdk.beesads.com herenewing.com
1 fonts.font.im herenewing.com
1 herenewing.com
76 29

This site contains no links.

Subject Issuer Validity Valid
herenewing.com
Amazon RSA 2048 M03		 2024-05-14 -
2025-06-12		 a year crt.sh
fonts.font.im
TrustAsia RSA DV TLS CA G2		 2024-04-07 -
2025-04-07		 a year crt.sh
*.beesads.com
WR3		 2024-09-25 -
2024-12-24		 3 months crt.sh
enjoy4fun.com
WR3		 2024-09-25 -
2024-12-24		 3 months crt.sh
fonts.gstatic.font.im
TrustAsia RSA DV TLS CA G2		 2024-04-07 -
2025-04-07		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
gamebridge.games
WR3		 2024-10-24 -
2025-01-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
invstatic101.creativecdn.com
WR3		 2024-10-15 -
2025-01-13		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-21		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-05 -
2025-09-30		 a year crt.sh
oa.openxcdn.net
WR3		 2024-11-13 -
2025-02-11		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.funsdata.com
Encryption Everywhere DV TLS CA - G1		 2024-08-06 -
2025-08-05		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-24 -
2024-12-25		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
adtrafficquality.google
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://herenewing.com/
Frame ID: BA050C9DA4DAC8A48C772213B8D90CE1
Requests: 64 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fherenewing.com
Frame ID: DE106E7E13E912DA4DF6B77621C9E941
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: AF665196ADFFB7DA533E20FF2CC91A3B
Requests: 1 HTTP requests in this frame

Frame: https://56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 02E9900435664D2E99B99E553BAEBA28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/zrt_lookup_fy2021.html
Frame ID: D2CCDC18BCCF733FFD1DDDEF95063F84
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6544196357785415&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731531900&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&channel=3487216655&format=0x0&url=https%3A%2F%2Fherenewing.com%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731531900269&bpp=11&bdt=1454&idt=538&shv=r20241107&mjsv=m202411120101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2021938118662&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088771%2C42531705%2C95344187%2C31088922%2C95335245%2C31088250%2C95345966&oid=2&pvsid=2331664439214529&tmod=1529584861&uas=0&nvt=1&fsapi=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=581
Frame ID: 3273F1F0EE13BDD9544B100B5A4BFB0A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-HGM5N36QZC&gacid=1469442740.1731531901&gtm=45je4b70v9133154062z89133144017za200zb9133144017&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629~102067555~102077855&z=1202966069
Frame ID: 0430B31AA73C58118DAB48A967856FFA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=herenewing.com
Frame ID: 0852F7C7C788E7D8379914A2620F651F
Requests: 1 HTTP requests in this frame

Frame: https://56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CDAE736327551BA56AFC0C2A13693F36
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 123BAFB6173302638FD4EED4C565DBD4
Requests: 1 HTTP requests in this frame

Frame: https://56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8587497EE0067001064932ECBA6F0BB5
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: B4AC70F20CD410264954571779738C92
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AB0B338ED77A41E1261E1FB9B777044E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

herenewing

Page URL History Show full URLs

  1. http://herenewing.com/ HTTP 307
    https://herenewing.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

76
Requests

92 %
HTTPS

33 %
IPv6

19
Domains

29
Subdomains

31
IPs

2
Countries

1219 kB
Transfer

3571 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://herenewing.com/ HTTP 307
    https://herenewing.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fherenewing.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fherenewing.com%2F&rid=esp&cc=1
Request Chain 48
  • https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062za200zb9133144017&_p=1731531899600&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~102077855&cid=1469442740.1731531901&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&_s=3&sid=1731531900&sct=1&seg=1&dl=https%3A%2F%2Fherenewing.com%2F&dt=herenewing&en=ad_impression&_c=1&ep.site_id=24787948&ep.widget_id=&ep.creative_id=&ep.query_id=CPz6-_6a2okDFXG10QQdXUAXug&_et=537&tfd=3328 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=9300672418066740183&dma=0&en=ad_impression&gtm=45je4b70v9133154062za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
Request Chain 49
  • https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062z89133144017za200zb9133144017&_p=1731531899600&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~102077855&cid=1469442740.1731531901&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=4&sid=1731531900&sct=1&seg=1&dl=https%3A%2F%2Fherenewing.com%2F&dt=herenewing&en=ad_impression&_c=1&ep.site_id=24787948&ep.widget_id=&ep.creative_id=&ep.event_label=0&ep.event_category=day&_et=2&tfd=3348 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=10818742267328268676&dma=0&en=ad_impression&gtm=45je4b70v9133154062z89133144017za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
Request Chain 52
  • https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062za200zb9133144017&_p=1731531899600&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~102077855&cid=1469442740.1731531901&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&_s=5&sid=1731531900&sct=1&seg=1&dl=https%3A%2F%2Fherenewing.com%2F&dt=herenewing&en=ad_impression&_c=1&ep.site_id=24787948&ep.widget_id=&ep.creative_id=&ep.query_id=CKfplP-a2okDFd-_0QQdePok5A&_et=280&tfd=3647 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=3220609964020395715&dma=0&en=ad_impression&gtm=45je4b70v9133154062za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
Request Chain 53
  • https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062z89133144017za200zb9133144017&_p=1731531899600&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~102077855&cid=1469442740.1731531901&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=6&sid=1731531900&sct=1&seg=1&dl=https%3A%2F%2Fherenewing.com%2F&dt=herenewing&en=ad_impression&_c=1&ep.site_id=24787948&ep.widget_id=&ep.creative_id=&ep.event_label=0&ep.event_category=day&_et=1&tfd=3655 HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=2844589902876021663&dma=0&en=ad_impression&gtm=45je4b70v9133154062z89133144017za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
herenewing.com/
Redirect Chain
  • http://herenewing.com/
  • https://herenewing.com/
190 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-72.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
51ee07e310a53408e4328e3f00cedcb59ed834f7e2cebe88c6e3e8c03d1a9ebc
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.myworldfix.com https://*.beesads.com https://*.gamebridge.games http://*.gamebridge.games
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
content-encoding
br
content-security-policy
frame-ancestors https://*.myworldfix.com https://*.beesads.com https://*.gamebridge.games http://*.gamebridge.games
content-type
text/html; charset=utf-8
date
Wed, 13 Nov 2024 21:04:58 GMT
server
CloudFront
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google, 1.1 4c1a2d98b0820f90f630f0721b0b6538.cloudfront.net (CloudFront)
x-amz-cf-id
TlydsXjzX29qNBjdmT5087hjw9Gaqi8XxNBT0WBGdacshfDmYY5Ahg==
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen

Redirect headers

Location
https://herenewing.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.font.im/ 		821 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.font.im/css?family=Poppins:600
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.105.196.206 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1838-206.members.linode.com
Software
nginx/1.24.0 /
Resource Hash
0ede7f771034697a60eff281ea8957d9917c73f69308eb9c680aa31cdd6cb81b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

Content-Encoding
gzip
X-Content-Type-Options
nosniff
Expires
Thu, 13 Mar 2025 21:04:59 GMT
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Cache
HIT
Date
Wed, 13 Nov 2024 21:04:59 GMT
Content-Type
text/css; charset=utf-8
Vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
Cache-Control
max-age=10368000
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy
same-origin-allow-popups
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Access-Control-Allow-Origin
*
X-XSS-Protection
0
Server
nginx/1.24.0
ads-tag.js
sdk.beesads.com/v1/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.beesads.com/v1/ads-tag.js
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.54.12.158 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
158.12.54.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
20d086bb7d1c95c18e2a45badf7a062ad2ce014a78e4430a73607489cccfaab0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

x-goog-metageneration
1
access-control-max-age
600
access-control-expose-headers
x-goog-hash
crc32c=GrPG5A==, md5=S2k6yk+IvFBmnr9vLboXEA==
content-encoding
br
age
2120
access-control-allow-methods
ALL
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
102121
date
Wed, 13 Nov 2024 20:29:39 GMT
last-modified
Wed, 13 Nov 2024 06:30:20 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7278vhsJrU6M2kh-BdaWIjWpWBDMbw8g5W36-s9CdG6lzTZTb-LP0gbdBacR-c_72D0HDvXsO2BQ
access-control-allow-headers
*
cache-control
public,max-age=600
x-goog-storage-class
STANDARD
access-control-allow-credentials
false
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1731479420847007
content-length
31097
server
UploadServer
cp3el43pog9roe7i7v20.png
img.enjoy4fun.com/site_logo/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/site_logo/cp3el43pog9roe7i7v20.png
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
26dda7a20a4921e6bfdffeb3fa7a594b5d23a7b64fd54a80115202e733a05a14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=eSqoJw==, md5=e3OUbMX8i3HwLeyIX4MzhA==
etag
"7b73946cc5fc8b71f02dec885f833384"
age
1865
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
32333
date
Wed, 13 Nov 2024 20:33:54 GMT
x-goog-meta-x-goog-source-etag
"7b73946cc5fc8b71f02dec885f833384"
last-modified
Fri, 18 Oct 2024 06:37:27 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY2MITxDkJiTNNj1IdRI6zKBDTh93KaSei8mdsJyihJaJhIJVCfTzO7Z7mwGE0TO0Lh_kDVXmD8BZQ
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
x-goog-generation
1729233447396549
content-length
32333
server
UploadServer
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.font.im/s/poppins/v21/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.font.im/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: fonts.font.im
URL: https://fonts.font.im/css?family=Poppins:600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.105.196.206 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1838-206.members.linode.com
Software
nginx/1.24.0 /
Resource Hash
872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://herenewing.com
Referer
https://fonts.font.im/

Response headers

Age
295115
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
X-Content-Type-Options
nosniff
Expires
Thu, 13 Mar 2025 21:05:00 GMT
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Cache
HIT
Date
Wed, 13 Nov 2024 21:05:00 GMT
Content-Type
font/woff2
Transfer-Encoding
chunked
Cache-Control
max-age=10368000
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Access-Control-Allow-Origin
*
X-XSS-Protection
0
Server
nginx/1.24.0
csqejmcdj1ks72tih1lg.webp
img.enjoy4fun.com/image/429*237/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/image/429*237/csqejmcdj1ks72tih1lg.webp?type=news_icon
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
/
Resource Hash
e0c4768e3bf894d2484743a77cc403a13deb88343da0c34c9a8f68b7bf0b658d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid
cache-control
public,max-age=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
image/webp
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid
csqejncdj1ks72tih26g.webp
img.enjoy4fun.com/image/429*237/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/image/429*237/csqejncdj1ks72tih26g.webp?type=news_icon
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
/
Resource Hash
753f20eddcd7455e3141e976b4d69c4bfb16b0860dbe4b1c995725826ec72065

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid
cache-control
public,max-age=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
image/webp
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid
csqejnkdj1ks72tih280.webp
img.enjoy4fun.com/image/204*105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/image/204*105/csqejnkdj1ks72tih280.webp?type=news_icon
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
/
Resource Hash
d279bac84ea33713a4f9c1e8c08ea5ead66f628487ded4983b01ccf6b3288a2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid
cache-control
public,max-age=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
image/webp
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid
csqejnsdj1ks72tih2ag.webp
img.enjoy4fun.com/image/204*105/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/image/204*105/csqejnsdj1ks72tih2ag.webp?type=news_icon
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
/
Resource Hash
6bc6fa4c25a852ea34886e66e61e6e46d9f5d7d7ed7dbba975285840f782a46d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid
cache-control
public,max-age=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
image/webp
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid
csqejocdj1ks72tih2gg.webp
img.enjoy4fun.com/image/204*105/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/image/204*105/csqejocdj1ks72tih2gg.webp?type=news_icon
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
/
Resource Hash
35d530cc26a4e1216f95f84774f499f8036232514fe8ab68719f42267683c697

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid
cache-control
public,max-age=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
image/webp
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid
csqejocdj1ks72tih2ig.webp
img.enjoy4fun.com/image/204*105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/image/204*105/csqejocdj1ks72tih2ig.webp?type=news_icon
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
/
Resource Hash
c9ebe6d2c6e02f14209d2f8aea21cf431eb0a330c3da5e4578fe050cc5e0d64c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid
cache-control
public,max-age=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
image/webp
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid
csqejpcdj1ks72tih2tg.webp
img.enjoy4fun.com/image/429*237/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/image/429*237/csqejpcdj1ks72tih2tg.webp?type=news_icon
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
/
Resource Hash
ad73ab5c9a11db36cfcb310965a4647e10794f5f6440325afee8913e80174efb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid
cache-control
public,max-age=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
image/webp
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid
csqejpkdj1ks72tih30g.webp
img.enjoy4fun.com/image/429*237/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/image/429*237/csqejpkdj1ks72tih30g.webp?type=news_icon
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
/
Resource Hash
d117d6c4a8dfe9026a0ea5468b051f3e0b46b6a9dc0c31fbe6c846574ccf5fb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid
cache-control
public,max-age=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
image/webp
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid
csqejpsdj1ks72tih32g.webp
img.enjoy4fun.com/image/204*105/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/image/204*105/csqejpsdj1ks72tih32g.webp?type=news_icon
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
/
Resource Hash
09d49623c6b38f7d52ccffd7f256afeca566fe8af388a2e4b779bcfa86b0ed71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid
cache-control
public,max-age=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:00 GMT
content-type
image/webp
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid
csqejr4dj1ks72tih3lg.webp
img.enjoy4fun.com/image/204*105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.enjoy4fun.com/image/204*105/csqejr4dj1ks72tih3lg.webp?type=news_icon
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
/
Resource Hash
359c6868bc925ea722f407f6f044c35860a2e086cda1df1335b1743e2b4c3f7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid
cache-control
public,max-age=600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:00 GMT
content-type
image/webp
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid
gtm.js
www.googletagmanager.com/ 		334 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJ6SSRR
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06899a81f1d0d7cca6e7488762f294c97330cb39943ac4b45a69dbdf3b45d14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 13 Nov 2024 21:04:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106662
x-xss-protection
0
server
Google Tag Manager
session-config
api.gamebridge.games/gamebridge/v1/site/24787948/ 		4 KB
898 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.gamebridge.games/gamebridge/v1/site/24787948/session-config?pn=%2F&uid=
Requested by
Host: sdk.beesads.com
URL: https://sdk.beesads.com/v1/ads-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.184.159 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
159.184.111.34.bc.googleusercontent.com
Software
/
Resource Hash
49b6bd2f981db689c79454531a3a05a91cf2f79b8db4783fe66cff91289ac83d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

access-control-expose-headers
Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid, tid
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS, GET, PUT, DELETE
via
1.1 google
access-control-allow-origin
https://herenewing.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Authorization, Cache-Control, uid, tid
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6544196357785415
Requested by
Host: sdk.beesads.com
URL: https://sdk.beesads.com/v1/ads-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
f66bfa056217d2581132aac69f8a80f8d938b22ca2f51fa6de94d9ba972abb62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://herenewing.com
Referer
https://herenewing.com/

Response headers

content-encoding
br
etag
4413969289010873270
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 21:04:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53634
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sdk.beesads.com
URL: https://sdk.beesads.com/v1/ads-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
fdbdead9a6e6d720ad2a403cf338c97e43a707cfcda3f4a620e9d80f640184eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
etag
66 / 20040 / m202411070102 / config-hash: 13888407362765616528
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 21:04:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 13 Nov 2024 21:04:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33589
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/ 		488 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
f24d425e2554a7f4288364bd3a87a27037627c72728fc809554b8cf919c39ec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
etag
14763398007457274827
age
840
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 20:51:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 13 Nov 2024 20:51:00 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
154591
x-xss-protection
0
server
cafe
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/ 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/slotcar_library_fy2021.js?bust=31088922
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6544196357785415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
44228a94bbb73bed39ea4df254425cd57dc64558024665c2413f31252b0d2e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
etag
15085489947407350354
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 21:05:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 13 Nov 2024 21:05:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
31896
x-xss-protection
0
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_fy2021.js?bust=31088922
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6544196357785415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
f0131c2ea86ac9286019cb07bc397a2810d6c15e212925720fb47bbf79dd452c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
etag
15910699095607746913
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 21:05:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 13 Nov 2024 21:05:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147374
x-xss-protection
0
server
cafe
destination
www.googletagmanager.com/gtag/ 		338 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-HGM5N36QZC&l=dataLayer&cx=c&gtm=45He4b70v9133144017za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ6SSRR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f9c778d72f961cf46742326267bec4215b3b24153c2d36457917c7bffeaf955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 13 Nov 2024 21:05:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112750
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fherenewing.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=911258131.1731531900&auid=711917770.1731531900&npa=0&gtm=45He4b70v9133144017za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067554~102077855&tft=1731531900469&tfd=2244&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ6SSRR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers
js
www.googletagmanager.com/gtag/ 		338 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HGM5N36QZC&l=dataLayer&cx=c&gtm=45He4b70v9133144017za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ6SSRR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1834666d7164eeea774483ab115e64e75add119631c20a2d2be12b4ddc55b06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 13 Nov 2024 21:05:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112776
x-xss-protection
0
server
Google Tag Manager
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame DE10 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fherenewing.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ6SSRR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 21:05:00 GMT
expires
Thu, 13 Nov 2025 21:05:00 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6544196357785415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://herenewing.com/

Response headers
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame AF66 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herenewing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
378
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 20:58:43 GMT
expires
Wed, 13 Nov 2024 21:48:43 GMT
last-modified
Mon, 11 Nov 2024 20:42:41 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"7db46e1255a018ecf02f47b2c19c26c4"
age
47979
via
1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
hDVkvTViQN4Jt22IJ7et-POM1N0w5mv61Tp284tf4wqMhOCuOJBkig==
date
Wed, 13 Nov 2024 09:18:44 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

etag
cd19e0900da0cdbc6697310fd9330fb6
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
x-cloud-trace-context
f91b5a93455fbf4e20f6f2e5d387b40d
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Thu, 14 Nov 2024 21:05:01 GMT
access-control-allow-origin
*
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
ob.js
cdn-ima.33across.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671a7174-43df"
age
549572
cf-ray
8e21b7acea235361-LAX
expires
Sat, 16 Nov 2024 21:05:00 GMT
date
Wed, 13 Nov 2024 21:05:00 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 16:10:28 GMT
vary
Accept-Encoding
server
cloudflare
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
33216
x-goog-stored-content-encoding
gzip
expires
Thu, 13 Nov 2025 11:51:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Wed, 13 Nov 2024 11:51:24 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AHmUCY2Cg0LjHE57cnCzGBibModr9GUUcA4IjwEGAt16W3IiRSDE8nc26J2GT8-PmDu4q3oVtarqz-G0sg
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
ads
securepubads.g.doubleclick.net/gampad/ 		253 KB
62 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2331664439214529&correlator=2397423421774492&eid=31088122%2C31088252&output=ldjh&gdfp_req=1&vrg=202411070102&ptt=17&impl=fif&iu_parts=22964834814%2Cherenewing.com%2Czone_54924_config_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&fsapi=1&sc=1&cookie_enabled=1&abxe=1&dt=1731531900741&lmt=1731531900&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fherenewing.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=49359&tan=91bcc554-3387-42d4-9837-db815996c0c8&tdf=2&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYuY7gurIySABSAghkEhQKBW9wZW54GLqO4LqyMkgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi6juC6sjJIAFICCGQSGwoMMzNhY3Jvc3MuY29tGLqO4LqyMkgAUgIIZBIXCghydGJob3VzZRi6juC6sjJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1731531898815&idt=1830&prev_scp=adstag_id%3Dtag-code-1%26adstag_bid%3Dno-bid&cust_params=cid%3Ddefault%26user_day%3Dday_20241114&adks=308307625&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
f6de997e5fd107ab0f2311f9c937a69f5eb4ba156c0d25e4c4cb9aab632e0080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://herenewing.com
content-length
63102
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2331664439214529&correlator=2397423421774492&eid=31088122%2C31088252&output=ldjh&gdfp_req=1&vrg=202411070102&ptt=17&impl=fif&iu_parts=22964834814%2Cherenewing.com%2Czone_54917_config_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1731531900753&lmt=1731531900&adxs=436&adys=905&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fherenewing.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=0&ohw=0&td=1&egid=49359&tan=91bcc554-3387-42d4-9837-db815996c0c9&tdf=2&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQYuY7gurIySABSAghkEhQKBW9wZW54GLqO4LqyMkgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi6juC6sjJIAFICCGQSGwoMMzNhY3Jvc3MuY29tGLqO4LqyMkgAUgIIZBIXCghydGJob3VzZRi6juC6sjJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1731531898815&idt=1830&prev_scp=adstag_id%3Dtag-code-0%26adstag_bid%3Dno-bid&cust_params=cid%3Ddefault%26user_day%3Dday_20241114&adks=887133879&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
2936b1465f48a935599f49d9cc9dfc3603992173d389c51b02526c8b49c66ae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://herenewing.com
content-length
19161
x-xss-protection
0
server
cafe
container.html
56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 02E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herenewing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 21:05:01 GMT
expires
Wed, 13 Nov 2024 21:05:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
259ebe1408a65dc59061540c2e10bad8ec85700fc4116ca0af37c9e4c0e7761b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
etag
6839144550544191367
age
79819
x-content-type-options
nosniff
expires
Wed, 12 Nov 2025 22:54:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 12 Nov 2024 22:54:41 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
15741
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/ Frame D2CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_fy2021.js?bust=31088922
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herenewing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 20:52:36 GMT
etag
4475648825157136472
expires
Wed, 27 Nov 2024 20:52:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3273 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6544196357785415&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731531900&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&channel=3487216655&format=0x0&url=https%3A%2F%2Fherenewing.com%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731531900269&bpp=11&bdt=1454&idt=538&shv=r20241107&mjsv=m202411120101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2021938118662&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088771%2C42531705%2C95344187%2C31088922%2C95335245%2C31088250%2C95345966&oid=2&pvsid=2331664439214529&tmod=1529584861&uas=0&nvt=1&fsapi=1&fc=1920&brdim=240%2C240%2C240%2C240%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=581
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_fy2021.js?bust=31088922
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herenewing.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
647
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 21:05:01 GMT
expires
Wed, 13 Nov 2024 21:05:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062z89133144017za200zb9133144017&_p=1731531899600&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~102077855&cid=1469442740.1731531901&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1731531900&sct=1&seg=0&dl=https%3A%2F%2Fherenewing.com%2F&dt=herenewing&en=gtm.init_consent&_fv=1&_nsi=1&_ss=1&up.site_id=24787948&up.widget_id=&up.creative_id=&tfd=2692
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-HGM5N36QZC&l=dataLayer&cx=c&gtm=45He4b70v9133144017za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://herenewing.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
553 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HGM5N36QZC&cid=1469442740.1731531901&gtm=45je4b70v9133154062z89133144017za200zb9133144017&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101925629~102067555~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-HGM5N36QZC&l=dataLayer&cx=c&gtm=45He4b70v9133144017za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://herenewing.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 0430 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-HGM5N36QZC&gacid=1469442740.1731531901&gtm=45je4b70v9133154062z89133144017za200zb9133144017&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629~102067555~102077855&z=1202966069
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-HGM5N36QZC&l=dataLayer&cx=c&gtm=45He4b70v9133144017za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herenewing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 21:05:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fherenewing.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fherenewing.com%2F&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fherenewing.com%2F&rid=esp&cc=1
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
554d7fe08deda12c3c724e854ab7226c617f83db328e32a80fb285484474e2e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

etag
W/"55-d/OcO0k7A0IhW4aaxyWfnd8Q9fE"
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://herenewing.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
vary
Origin

Redirect headers

location
/esp?url=https%3A%2F%2Fherenewing.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://herenewing.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 13 Nov 2024 21:05:01 GMT
x-powered-by
Express
vary
Origin
map
bcp.crwdcntrl.net/6/ 		156 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.132.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-132-221.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
dbc568b4e6cd879da1affc904bdf0cdfcb800a3d65c9cdf1da1b6ca195db96c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://herenewing.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://herenewing.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
156
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
application/json;charset=utf-8
x-server
10.40.1.231
server
Jetty(9.4.38.v20210224)
json
deapi.funsdata.com/v1/wgt/report/ 		51 B
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://deapi.funsdata.com/v1/wgt/report/json
Requested by
Host: sdk.beesads.com
URL: https://sdk.beesads.com/v1/ads-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.221.104.121 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://herenewing.com/

Response headers

access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
content-length
51
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
application/json;charset=utf8
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
syncframe
gum.criteo.com/ Frame 0852 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=herenewing.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://herenewing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 21:05:01 GMT
server
Kestrel
server-processing-duration-in-ticks
351842
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
ca-pub-6544196357785415
fundingchoicesmessages.google.com/i/ 		195 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-6544196357785415?href=https%3A%2F%2Fherenewing.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_fy2021.js?bust=31088922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1402468b05b174966057bcf7d4ea45559b15618403ca1c88bbf8ab0e214b12dc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vyPE5YS8FOu-Mu-NNS_f1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4_q64spNN4MGtc-3MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoZGegbG8QUGAKztQKY"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vyPE5YS8FOu-Mu-NNS_f1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
container.html
56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CDAE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herenewing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 21:05:01 GMT
expires
Wed, 13 Nov 2024 21:05:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062z89133144017za200zb9133144017&_p=1731531899600&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~102077855&cid=1469442740.1731531901&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sid=1731531900&sct=1&seg=1&dl=https%3A%2F%2Fherenewing.com%2F&dt=herenewing&_s=2&tfd=3327
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-HGM5N36QZC&l=dataLayer&cx=c&gtm=45He4b70v9133144017za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://herenewing.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://herenewing.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/plain
server
Golfe2
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062za200zb9133144017&_p=1731531899600&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~102077855&ci...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=9300672418066740183&dma=0&en=ad_impression&gtm=45je4b70v9133154062za200zb9133144017&npa=0&tid...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=9300672418066740183&dma=0&en=ad_impression&gtm=45je4b70v9133154062za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Wed, 13 Nov 2024 21:05:02 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=9300672418066740183&dma=0&en=ad_impression&gtm=45je4b70v9133154062za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
474
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062z89133144017za200zb9133144017&_p=1731531899600&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=10818742267328268676&dma=0&en=ad_impression&gtm=45je4b70v9133154062z89133144017za200zb9133144...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=10818742267328268676&dma=0&en=ad_impression&gtm=45je4b70v9133154062z89133144017za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Wed, 13 Nov 2024 21:05:02 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=10818742267328268676&dma=0&en=ad_impression&gtm=45je4b70v9133154062z89133144017za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
487
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
pd
google-bidout-d.openx.net/w/1.0/ Frame 123B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://herenewing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
455
content-type
text/html
date
Wed, 13 Nov 2024 21:05:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
container.html
56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8587 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herenewing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 21:05:01 GMT
expires
Wed, 13 Nov 2024 21:05:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062za200zb9133144017&_p=1731531899600&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~102077855&ci...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=3220609964020395715&dma=0&en=ad_impression&gtm=45je4b70v9133154062za200zb9133144017&npa=0&tid...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=3220609964020395715&dma=0&en=ad_impression&gtm=45je4b70v9133154062za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Wed, 13 Nov 2024 21:05:02 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=3220609964020395715&dma=0&en=ad_impression&gtm=45je4b70v9133154062za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
474
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062z89133144017za200zb9133144017&_p=1731531899600&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=2844589902876021663&dma=0&en=ad_impression&gtm=45je4b70v9133154062z89133144017za200zb91331440...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=2844589902876021663&dma=0&en=ad_impression&gtm=45je4b70v9133154062z89133144017za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
Requested by
Host: herenewing.com
URL: https://herenewing.com/
Protocol
H2
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Wed, 13 Nov 2024 21:05:02 GMT
content-type
text/plain
server
Golfe2

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1469442740.1731531901&dbk=2844589902876021663&dma=0&en=ad_impression&gtm=45je4b70v9133154062z89133144017za200zb9133144017&npa=0&tid=G-HGM5N36QZC&dl=https%3A%2F%2Fherenewing.com%3F
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:01 GMT
content-type
text/html; charset=UTF-8
server
Golfe2
AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IW5QTGLYXbH-m8xHOAKt5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://herenewing.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:02 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH4t-LKTjaBBScvtjApuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0MjPQPz-AIDAExfKSA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IW5QTGLYXbH-m8xHOAKt5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://herenewing.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXkfzBTjGxTPzvX8Mivrwb6Z2-p0yQC6FdKNg3MqDw2vaUua7PSFCwAaYDSXwvPIxjc86JAhpQdyygNpRdqgMHT4tDdgU50wif3Qffdqu7T9atGwxmcTdE9ZviJzBOb91p8hi72gw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXkfzBTjGxTPzvX8Mivrwb6Z2-p0yQC6FdKNg3MqDw2vaUua7PSFCwAaYDSXwvPIxjc86JAhpQdyygNpRdqgMHT4tDdgU50wif3Qffdqu7T9atGwxmcTdE9ZviJzBOb91p8hi72gw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNTMxOTAyLDIyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9oZXJlbmV3aW5nLmNvbS8iLG51bGwsW1s4LCJnck1VWHg1OUh3dyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODgyNDhdLDEwLDE2XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1eab412d91f7cb02765d32e37d9af29c5540a10332a15a88c993caae66bc2336
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DUuvrBWleELlYcMiyAAsFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:02 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4_q24spNNYEH7_PmMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoZGegbG8QUGAI1jP_o"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DUuvrBWleELlYcMiyAAsFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
json
deapi.funsdata.com/v1/wgt/report/ 		51 B
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://deapi.funsdata.com/v1/wgt/report/json
Requested by
Host: sdk.beesads.com
URL: https://sdk.beesads.com/v1/ads-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.221.104.121 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://herenewing.com/

Response headers

access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
*
content-length
51
date
Wed, 13 Nov 2024 21:05:02 GMT
content-type
application/json;charset=utf8
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
AGSKWxXkhXFdaZDAFg_vz2aOB2yoKmOCC7gyoYVoJV_951PSbbunCofXFr-XeZns6RiaHlJ0Uppuo5W20HSWs-7gGcBbmd8CoP5TiPcdiuJt_cMEzC7Hv18D7YnXRC36KRHyP1wFVZzlHw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXkhXFdaZDAFg_vz2aOB2yoKmOCC7gyoYVoJV_951PSbbunCofXFr-XeZns6RiaHlJ0Uppuo5W20HSWs-7gGcBbmd8CoP5TiPcdiuJt_cMEzC7Hv18D7YnXRC36KRHyP1wFVZzlHw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNTMxOTAyLDQyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vaGVyZW5ld2luZy5jb20vIixudWxsLFtbOCwiZ3JNVVh4NTlId3ciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDg4MjQ4XSwxMCwxNl0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
321e430f881c84c9683ab3bf0a4c057d17caf97c3fae44db8e30d839beaf89aa
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-diaQkY7dWLzKAvZUnP31sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:02 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OP6tuLKTTWBC3_5fjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhoaGRnoGxvEFBgC9JkVt"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-diaQkY7dWLzKAvZUnP31sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zxy
fundingchoicesmessages.google.com/f/AGSKWxVw1Xq4DXymHDkeXpYoGbkMMxa6c1OWa_pT2GzOMfVtPkpwMmwhBQBw9mxpFpjEdEDCSlRVLT-WHUJNFg-PGX0xpXcSXZkHxhmhCvKcqsT2jWtQtFCon2EYny0BS3Nh9H6e2jSSIkACM7fvNuMsITxw1y2qc... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVw1Xq4DXymHDkeXpYoGbkMMxa6c1OWa_pT2GzOMfVtPkpwMmwhBQBw9mxpFpjEdEDCSlRVLT-WHUJNFg-PGX0xpXcSXZkHxhmhCvKcqsT2jWtQtFCon2EYny0BS3Nh9H6e2jSSIkACM7fvNuMsITxw1y2qc7VLNiTzT1MqV7bZZGirKRv-ZA7ymdrz/__sidebarad_/newBuildAdfoxBanner.-988x60./adnet./zxy?
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwhwCQtMG6fRUUQVijeU30NlnnKIQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
ESF /
Resource Hash
15250e5709384e919821c1c92671754459e4211e20a2cc2c99888793b100105f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bPWtGn7fXF0XDw3oMwImDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:03 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4_q-4spNNYMaGj3cYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQ2N9AyM4wsMAKggQKQ"
content-security-policy
script-src 'report-sample' 'nonce-bPWtGn7fXF0XDw3oMwImDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwhwCQtMG6fRUUQVijeU30NlnnKIQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
7da341dcc5a56211681ddb7d01fabfd18efa700deafd90a9df07f993e433476e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
br
etag
7971392440606551279
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 21:05:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 13 Nov 2024 21:05:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53579
x-xss-protection
0
server
cafe
AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ymZ4EYbB5LCPoP9yzNZ65w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://herenewing.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH4v-LKTjaBEy3L7zAquSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0MjPQPz-AIDAFD1KTE"
content-security-policy
script-src 'report-sample' 'nonce-ymZ4EYbB5LCPoP9yzNZ65w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://herenewing.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gxf77AV0I4tI2I9EXRSOxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://herenewing.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH4v-LKTjaBH7f61zApuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0MjPQPz-AIDAGUgKXM"
content-security-policy
script-src 'report-sample' 'nonce-gxf77AV0I4tI2I9EXRSOxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://herenewing.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RcCgdhwJwdTyKms_O0UtsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://herenewing.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH4v-LKTjaBD-cWnGVScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoZGegbm8QUGAHCBKZg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RcCgdhwJwdTyKms_O0UtsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://herenewing.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZIaFBFMGmLXzNNI6poTXLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://herenewing.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH4v-LKTjaBFftunWFScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoZGegbm8QUGAGcLKXk"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZIaFBFMGmLXzNNI6poTXLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://herenewing.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX7V6PXzz-ffqFozP0oJhG5xQCTFJXEzGNu7F3lsmNpu64Wxr4EGwDh-FUxqUkto2KefSnxR6IKQeZ4RK70_jsVRw-QF9ddKAZ7VbFbD8kv4FqXzZrEzUgX_poKmU6IfFQPthHGWg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX7V6PXzz-ffqFozP0oJhG5xQCTFJXEzGNu7F3lsmNpu64Wxr4EGwDh-FUxqUkto2KefSnxR6IKQeZ4RK70_jsVRw-QF9ddKAZ7VbFbD8kv4FqXzZrEzUgX_poKmU6IfFQPthHGWg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNTMxOTAzLDYxNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9oZXJlbmV3aW5nLmNvbS8iLG51bGwsW1s4LCJnck1VWHg1OUh3dyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODgyNDhdLDEwLDE2XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
ESF /
Resource Hash
9569f24550ccf3b6caf68c35b93d538f794543e3b6b7c1d3b2fd0cd0e68295f9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X72pKdruRaQdq5X5IqDUPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:03 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4_q-4spNNoGHFyutMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoZGegbG8QUGAJbDQDs"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X72pKdruRaQdq5X5IqDUPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVs4x0UtOUJyyb6jw5xk-UcuxzeOBj9dG3ha7UTqHLwbY5Ca-NY3tLsDg4Wa9_GRCU2i6Eyb2zSBJTP1NzdnzSh0bOUKGbk_Ue1JZOXMod5BqsTRMhKHpbFklFp9VGviw5kqrl1tQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVs4x0UtOUJyyb6jw5xk-UcuxzeOBj9dG3ha7UTqHLwbY5Ca-NY3tLsDg4Wa9_GRCU2i6Eyb2zSBJTP1NzdnzSh0bOUKGbk_Ue1JZOXMod5BqsTRMhKHpbFklFp9VGviw5kqrl1tQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JApUhosONMFo3GYtsm_Rbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://herenewing.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH4v-LKTjaBC3ePrGZWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoZGegbm8QUGAGbCKX0"
content-security-policy
script-src 'report-sample' 'nonce-JApUhosONMFo3GYtsm_Rbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://herenewing.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVyiJ8j9_cOGVFLHwQ_0-t0wucqUu6LjwYQtJG-ted4xv9HSKfQ6e5Kqo2o9bd7kN1Z69p6kBVthIKEQv-P3Ysw4nkF7r5Xx0buQoocVSITSghYoSH8jojq5X8vkK0HWtJUpzKVww==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.grMUXx59Hww.es5.O/am=GAw/d=1/rs=AJlcJMxd4sUEQIAITlzOz3alHgX4yT9WRw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SeA7ZL_oTrAB1gpxjvRPSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://herenewing.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH4v-LKTjaBE19XrmVWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoZGegbm8QUGAGZnKXk"
content-security-policy
script-src 'report-sample' 'nonce-SeA7ZL_oTrAB1gpxjvRPSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://herenewing.com
content-length
0
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411070102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
cafe /
Resource Hash
001f216918ce87ff98c1e457fe35880fd900f2bd747d703d84706e11d33cb900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12893
date
Wed, 13 Nov 2024 21:05:04 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je4b70v9133154062z89133144017za200zb9133144017&_p=1731531899600&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067555~102077855&cid=1469442740.1731531901&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sid=1731531900&sct=1&seg=1&dl=https%3A%2F%2Fherenewing.com%2F&dt=herenewing&_s=7&tfd=5848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-HGM5N36QZC&l=dataLayer&cx=c&gtm=45He4b70v9133144017za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://herenewing.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://herenewing.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:04 GMT
content-type
text/plain
server
Golfe2
cp3el6j6q9o1qah96la0.ico
img.enjoy4fun.com/site_icon/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://img.enjoy4fun.com/site_icon/cp3el6j6q9o1qah96la0.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
395db6cd6c2d2def186daf5466911a68706dfd4bbf176524ddf2352592d7ad1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=/FSsGQ==, md5=7Zezf+fiYDPKnQJD3Wj9DQ==
etag
"ed97b37fe7e26033ca9d0243dd68fd0d"
age
2947
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
4286
date
Wed, 13 Nov 2024 20:15:57 GMT
x-goog-meta-x-goog-source-etag
"ed97b37fe7e26033ca9d0243dd68fd0d"
last-modified
Fri, 18 Oct 2024 06:37:27 GMT
content-type
image/ico
x-guploader-uploadid
AHmUCY0Y64VuRDOHd-Xzvc29-dd3MM_9G_ydleCzeQAI2vX1_6y7rHNM8gfCMW2R4bIg4TR6YkZBx9ceAg
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
x-goog-generation
1729233447167963
content-length
4286
server
UploadServer
cp3el6j6q9o1qah96la0.ico
img.enjoy4fun.com/site_icon/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://img.enjoy4fun.com/site_icon/cp3el6j6q9o1qah96la0.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.197.63 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.197.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
395db6cd6c2d2def186daf5466911a68706dfd4bbf176524ddf2352592d7ad1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=/FSsGQ==, md5=7Zezf+fiYDPKnQJD3Wj9DQ==
etag
"ed97b37fe7e26033ca9d0243dd68fd0d"
age
2947
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
4286
date
Wed, 13 Nov 2024 20:15:57 GMT
x-goog-meta-x-goog-source-etag
"ed97b37fe7e26033ca9d0243dd68fd0d"
last-modified
Fri, 18 Oct 2024 06:37:27 GMT
content-type
image/ico
x-guploader-uploadid
AHmUCY0Y64VuRDOHd-Xzvc29-dd3MM_9G_ydleCzeQAI2vX1_6y7rHNM8gfCMW2R4bIg4TR6YkZBx9ceAg
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
x-goog-generation
1729233447167963
content-length
4286
server
UploadServer
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411070102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://herenewing.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 21:05:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 21:05:04 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame B4AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herenewing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
25
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 21:04:40 GMT
expires
Wed, 13 Nov 2024 21:54:40 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AB0B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I37sRXByY7_hYn85NADwdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://herenewing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-I37sRXByY7_hYn85NADwdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 21:05:05 GMT
expires
Wed, 13 Nov 2024 21:05:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202411070102&jk=2331664439214529&bg=!JySlJGvNAAYQZ9WPMGc7ADQBe5WfOMR7a_6WgrOhVbvvseEOooGvjCaDesvnU6_iEW7iVA__NatJNp6UvWgod_RTB7lzAgAAAGdSAAAAA2gBB34ANnhBonSKDqWA_ZT6CncmgXRimEGFz8ZT9fL19P5nfAV0Ywr3_BKQKkDss90ZyoU78imUVgSgyQoAUKGdR-CJ4a4uFoFKEqGRZGjFpOecAq4NC02rv781Vw2U2dSHGSQqxcidxKr4CzTuIpvtIqA6QnN1wWmNxmoiTynGPH0ipsrR-ffIVZvthbVhmQKOaITWFZY7WBnafmNJ7J_hRCxiqW9zZxnBXWVyC8nt_Zfx5yAiRDZZA_yVYjd7LYT5qDOK4kVmXPJ8Z4dGyi3B6EJ2YYrz1OPAQhWjGnlnap6aJyqcwG5B-XQamyUahbospdwXQxvn9wv_jBiXR7psmBCnGQI6xMJ-k6hXjA6KSQRVt99wBnckB01jg4hsGREKMTSj0FV3sTN7eXKOkV5EBUGmS48AiWk9-OTByMiMLiIy7XS3OAt5zdK3J1CBt6hyQC3dbZFjnNrpV5SGrR_beDL4dfz00T8pT2hAh3xYzML5jub-a3Y6R1DvJQWrdfKffjzCxYObBEa-dTjaBvcVQV5H0yCfBrjcx5mrq8vZ5mbymJM5pmwVMB0GMLAiRKlWj5XqiQa8baOY9bbPnoNt29b69WsLVh6E3QtZs_2GuGaBNowqIRtnMLWKK-tKpJh7zs1Q5mu_yBHgS7nh3khH9Oiutz2_avAo4t5OdLUBA6lhjC5vpU5Bb-vyN_mjFQrl8sGRLz0OXxaIEX8fwwjfnTBiuFTHN3PKQEs2ZfNv0ByIia8y3NedpEYnqwFSBQK4kxZgdzahdPiDi-w8sYmqceQeNPpm-qCTiDwRhcoJTCLe905n32nW6WRqH-DbQE74JEmXupaHVFZqpsaxwhe54k_rtAw7FdGp1gIq-tK46NFPRbXT-_1azjEQ_WXCbQxlwi02NXFi75DYKX1y6u9dttQyIxtcmaB0mA5-qA1uh_j8B3iwqH5R8O_4aRPmqjr6bOXpOEOEFIp35w78fgsL1a-HWSOSnL3qXUEEnmahEsIsCuuxJLyrxQc3fhGndYwSg3XOC6r-AFRvKFVB7-k29RhCb-mHr3_nTbQFKBXT

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| adsTag boolean| templateFlag object| APP_PROPS object| React object| ReactDOM object| dataLayer object| __prebidVideo object| __prebidBanner object| adsbygoogle object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| __siteConf number| __tagIndex object| google_tag_topics_state function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| ox_esp object| _33across function| lotameIsCompatible function| sync16589_aa function| sync16589_c function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ia object| sync16589_ja object| sync16589_s object| sync16589_wa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_ga function| sync16589_ha function| sync16589_t function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_ka function| sync16589_la function| sync16589_y function| sync16589_ma function| sync16589_z function| sync16589_A function| sync16589_u function| sync16589_C function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_qa function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_M function| sync16589_L function| sync16589_N function| sync16589_O function| sync16589_J function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_P function| sync16589_Q function| sync16589_xa function| sync16589_R function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_S function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea function| sync16589_T function| sync16589_Fa function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Ga function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_Ha function| sync16589_3 function| sync16589_Ja function| sync16589_Ia function| sync16589_4 function| sync16589_La function| sync16589_Ma function| sync16589_Ka function| sync16589_Na function| sync16589_Qa function| sync16589_Pa function| sync16589_Oa function| sync16589_Sa function| sync16589_Ua function| sync16589_Ra function| sync16589_6 function| sync16589_Ta function| sync16589_Xa function| sync16589_Wa function| sync16589_Va function| sync16589_7 function| sync16589_5 function| sync16589_8 function| sync16589_Ya function| sync16589_Za function| sync16589__a function| sync16589_0a function| sync16589_9 function| sync16589_1a function| sync16589_$ function| sync16589_2a function| sync16589_3a function| sync16589_4a object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZWMyYzEwY2EwN2E4YmY0NGxvYWRlcl9qcw== string| ZWMyYzEwY2EwN2E4YmY0NGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady boolean| 5a78db3a-c90b-49eb-979b-069f6b0fdc18 object| GoogleGcLKhOms

29 Cookies

Domain/Path Name / Value
.gamebridge.games/ Name: uid
Value: csqh8uot49tc72vuhdg0
.herenewing.com/ Name: _gcl_au
Value: 1.1.711917770.1731531900
.herenewing.com/ Name: _ga
Value: GA1.1.1469442740.1731531901
.openx.net/ Name: i
Value: f60c7a27-d515-4389-be66-a6e100476de0|1731531901
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 75fa9bf4f7d4613cae50b588882771b9
.herenewing.com/ Name: _cc_id
Value: 75fa9bf4f7d4613cae50b588882771b9
.herenewing.com/ Name: panoramaId_expiry
Value: 1731618301509
.criteo.com/ Name: uid
Value: 95591e1a-22af-4642-9401-e7180490af27
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.herenewing.com/ Name: __gads
Value: ID=49cdac277d00bbe6:T=1731531900:RT=1731531900:S=ALNI_Mbfm9JgGFqp_Dz5SWFWkJE5ob9tog
.herenewing.com/ Name: __gpi
Value: UID=00000f94865ef083:T=1731531900:RT=1731531900:S=ALNI_Ma7o3qlJ_YLs2AaA4J-mQv0zqztQQ
.herenewing.com/ Name: __eoi
Value: ID=0eeb6bbb9f187c5c:T=1731531900:RT=1731531900:S=AA-AfjahFdM0lXxXUsrKpn9aLEOF
.openx.net/ Name: pd
Value: v2|1731531901|vMgavPkWgy
.adsrvr.org/ Name: TDID
Value: bf9c8658-be27-4a5b-9263-7fd13ba5c4bc
.doubleclick.net/ Name: IDE
Value: AHWqTUldNUWbwwTWJTOi1nP7-dZMXlvoc_EnUv9C3j_mnH7DtYx4aye9t5EZC86KO9g
.yahoo.com/ Name: A3
Value: d=AQABBH4UNWcCENxRq8Nn8JtwXno8vptSPZYFEgEBAQFlNmc-ZwAAAAAA_eMAAA&S=AQAAAiyMDyogbjIevZWJuP1sKUs
.herenewing.com/ Name: cto_bundle
Value: FZq0i19QTG5qbVhoMWljJTJGdklkWDRkZUZBMFpGMXNiZXJoQ3RnRkUlMkZ4M2Y3OHYyZ0Q5JTJCZDExR29UQ25VWkZXa1llUWFBSCUyQnZoeXJCazE3JTJCYUZVRmVLNWgzVUFFdjdFU2RENGZnbEJSYTJIUFQzemJ3RXQ3U2ZsYlMycThGY1ozeSUyRlNtWDJMJTJCQkVpZzFhbWIlMkZueDFJODA5ZWRoejMwUlAwS3Exa29KODJTRSUyQncxa0UlM0Q
.amazon-adsystem.com/ Name: ad-id
Value: A8efiKCdgUtzmBnpOVL4cVw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.media.net/ Name: usp_status
Value: 1
.media.net/ Name: visitor-id
Value: 3745335031829698000V10
.media.net/ Name: data-exp
Value: setstatuscode~~1
.tapad.com/ Name: TapAd_TS
Value: 1731531903687
.tapad.com/ Name: TapAd_DID
Value: 34069e81-05ae-4e46-a8ff-6f012fdd9d2c
.herenewing.com/ Name: FCNEC
Value: %5B%5B%22AKsRol84LGh7NfB3TN4wSAOesyz1KktycoQtaBm_Gqw8wgr938n2B6Ff_Oyu8hdgBlnYYPJgiyfnOZoiUh9DVphRAPwESbSTPtUR7GKHSk0HLna9do6f8ykrmuxDpzQETPcWKP6dNh7EZZa9tVKIXGPd9LZjZjO1Sw%3D%3D%22%5D%5D
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwicpOWHnIzCPRAFGAEgASgCMgsIlprotLKMwj0QBTgBWgV0YXBhZGAC
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7653
.herenewing.com/ Name: _ga_HGM5N36QZC
Value: GS1.1.1731531900.1.1.1731531904.56.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://*.myworldfix.com https://*.beesads.com https://*.gamebridge.games http://*.gamebridge.games
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

56d57c183579609d6c7f2278ff69ee19.safeframe.googlesyndication.com
analytics.google.com
api.gamebridge.games
bcp.crwdcntrl.net
cdn-ima.33across.com
deapi.funsdata.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.font.im
fonts.gstatic.font.im
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
herenewing.com
img.enjoy4fun.com
invstatic101.creativecdn.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
sdk.beesads.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
td.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
108.138.128.46
13.35.93.72
142.250.176.206
142.250.65.174
142.250.80.66
142.250.81.226
142.251.40.100
142.251.40.130
142.251.40.162
172.105.196.206
172.64.152.89
2001:4860:4802:38::181
2607:f8b0:4004:c06::9d
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::200e
2607:f8b0:4006:822::2002
2620:100:a00b::12
2620:100:a00b::4
34.102.146.192
34.111.184.159
34.120.135.53
34.36.197.63
34.54.12.158
34.96.70.87
35.244.159.8
52.22.132.221
8.221.104.121
001f216918ce87ff98c1e457fe35880fd900f2bd747d703d84706e11d33cb900
06899a81f1d0d7cca6e7488762f294c97330cb39943ac4b45a69dbdf3b45d14f
09d49623c6b38f7d52ccffd7f256afeca566fe8af388a2e4b779bcfa86b0ed71
0ede7f771034697a60eff281ea8957d9917c73f69308eb9c680aa31cdd6cb81b
1402468b05b174966057bcf7d4ea45559b15618403ca1c88bbf8ab0e214b12dc
15250e5709384e919821c1c92671754459e4211e20a2cc2c99888793b100105f
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
1834666d7164eeea774483ab115e64e75add119631c20a2d2be12b4ddc55b06b
1eab412d91f7cb02765d32e37d9af29c5540a10332a15a88c993caae66bc2336
1f9c778d72f961cf46742326267bec4215b3b24153c2d36457917c7bffeaf955
20d086bb7d1c95c18e2a45badf7a062ad2ce014a78e4430a73607489cccfaab0
259ebe1408a65dc59061540c2e10bad8ec85700fc4116ca0af37c9e4c0e7761b
26dda7a20a4921e6bfdffeb3fa7a594b5d23a7b64fd54a80115202e733a05a14
2936b1465f48a935599f49d9cc9dfc3603992173d389c51b02526c8b49c66ae6
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
321e430f881c84c9683ab3bf0a4c057d17caf97c3fae44db8e30d839beaf89aa
359c6868bc925ea722f407f6f044c35860a2e086cda1df1335b1743e2b4c3f7e
35d530cc26a4e1216f95f84774f499f8036232514fe8ab68719f42267683c697
395db6cd6c2d2def186daf5466911a68706dfd4bbf176524ddf2352592d7ad1e
42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c
44228a94bbb73bed39ea4df254425cd57dc64558024665c2413f31252b0d2e7d
49b6bd2f981db689c79454531a3a05a91cf2f79b8db4783fe66cff91289ac83d
51ee07e310a53408e4328e3f00cedcb59ed834f7e2cebe88c6e3e8c03d1a9ebc
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
554d7fe08deda12c3c724e854ab7226c617f83db328e32a80fb285484474e2e7
6bc6fa4c25a852ea34886e66e61e6e46d9f5d7d7ed7dbba975285840f782a46d
753f20eddcd7455e3141e976b4d69c4bfb16b0860dbe4b1c995725826ec72065
7da341dcc5a56211681ddb7d01fabfd18efa700deafd90a9df07f993e433476e
872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798
9569f24550ccf3b6caf68c35b93d538f794543e3b6b7c1d3b2fd0cd0e68295f9
9ffa45453324362cbc5cc78288e04513100c2d61baf3a969717ea5df3d0dbb39
ad73ab5c9a11db36cfcb310965a4647e10794f5f6440325afee8913e80174efb
c9ebe6d2c6e02f14209d2f8aea21cf431eb0a330c3da5e4578fe050cc5e0d64c
d117d6c4a8dfe9026a0ea5468b051f3e0b46b6a9dc0c31fbe6c846574ccf5fb3
d279bac84ea33713a4f9c1e8c08ea5ead66f628487ded4983b01ccf6b3288a2d
dbc568b4e6cd879da1affc904bdf0cdfcb800a3d65c9cdf1da1b6ca195db96c3
e0c4768e3bf894d2484743a77cc403a13deb88343da0c34c9a8f68b7bf0b658d
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0131c2ea86ac9286019cb07bc397a2810d6c15e212925720fb47bbf79dd452c
f24d425e2554a7f4288364bd3a87a27037627c72728fc809554b8cf919c39ec9
f66bfa056217d2581132aac69f8a80f8d938b22ca2f51fa6de94d9ba972abb62
f6de997e5fd107ab0f2311f9c937a69f5eb4ba156c0d25e4c4cb9aab632e0080
fdbdead9a6e6d720ad2a403cf338c97e43a707cfcda3f4a620e9d80f640184eb
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99