www.timesnewspapers.com Open in urlscan Pro
192.104.183.109 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02...
Submission: On May 08 via manual (May 8th 2020, 6:03:18 am UTC) from PL

Summary HTTP 81 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 18 IPs in 7 countries across 16 domains to perform 81 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.timesnewspapers.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 25th 2020. Valid for: 3 months.

This is the only time www.timesnewspapers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Constant Contact (Online)

Domain & IP information

	IP Address	AS Autonomous System
23	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
29	104.18.130.43 104.18.130.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:6c0... 2a02:26f0:6c00:18c::37f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
2 2	23.23.203.59 23.23.203.59	14618 (AMAZON-AES) (AMAZON-AES)
3	23.21.244.127 23.21.244.127	14618 (AMAZON-AES) (AMAZON-AES)
1 4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.82.100.146 212.82.100.146	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	143.204.97.117 143.204.97.117	16509 (AMAZON-02) (AMAZON-02)
81	18

23 192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.timesnewspapers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
timesnewspapers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 104.18.130.43 (United States)

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:18c::37f0 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

static.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.23.203.59 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-203-59.compute-1.amazonaws.com

x.wayfareinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.21.244.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-244-127.compute-1.amazonaws.com

x.metarail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.146 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-flurry71.prod.media.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.117 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-117.fra50.r.cloudfront.net

listgrowth.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	townnews.com bloximages.newyork1.vip.townnews.com	424 KB
23	timesnewspapers.com www.timesnewspapers.com timesnewspapers.com	59 KB
5	ctctcdn.com static.ctctcdn.com listgrowth.ctctcdn.com	49 KB
4	google.com ampcid.google.com www.google.com	1 KB
4	google-analytics.com 1 redirects www.google-analytics.com	20 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	171 KB
3	metarail.com x.metarail.com	20 KB
2	doubleclick.net stats.g.doubleclick.net	204 B
2	wayfareinteractive.com 2 redirects x.wayfareinteractive.com	623 B
1	google.de ampcid.google.de	271 B
1	gravatar.com secure.gravatar.com	3 KB
1	yahoo.com ads.yap.yahoo.com	680 B
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	yimg.com s.yimg.com	22 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	googleapis.com fonts.googleapis.com	919 B
81	16

	Domain	Requested by
29	bloximages.newyork1.vip.townnews.com	www.timesnewspapers.com
16	timesnewspapers.com	www.timesnewspapers.com
7	www.timesnewspapers.com	www.timesnewspapers.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com www.timesnewspapers.com
4	static.ctctcdn.com	www.timesnewspapers.com static.ctctcdn.com
3	www.google.com	bloximages.newyork1.vip.townnews.com www.gstatic.com
3	x.metarail.com	blank x.metarail.com
3	fonts.gstatic.com	bloximages.newyork1.vip.townnews.com www.timesnewspapers.com
2	stats.g.doubleclick.net	www.timesnewspapers.com
2	x.wayfareinteractive.com	2 redirects
1	listgrowth.ctctcdn.com	bloximages.newyork1.vip.townnews.com
1	ampcid.google.de	www.google-analytics.com
1	www.gstatic.com	www.google.com
1	secure.gravatar.com	www.timesnewspapers.com
1	ampcid.google.com	www.google-analytics.com
1	ads.yap.yahoo.com	s.yimg.com
1	cdnjs.cloudflare.com	bloximages.newyork1.vip.townnews.com
1	s.yimg.com	www.timesnewspapers.com
1	www.googletagmanager.com	www.timesnewspapers.com
1	fonts.googleapis.com	www.timesnewspapers.com
81	20

This site contains links to these domains. Also see Links.

Domain
timesnewspapers.com
www.facebook.com
twitter.com
wa.me
tiny.cc
www.youtube.com
bloxcms.com
townnews.com
www.constantcontact.com

Subject Issuer	Validity	Valid
timesnewspapers.com Let's Encrypt Authority X3	`2020-04-25` - `2020-07-24`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust RSA CA 2018	`2020-02-25` - `2021-04-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
www.constantcontact.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-03-05` - `2021-03-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-04-16` - `2020-05-31`	a month	crt.sh
*.metarail.com Amazon	`2020-03-08` - `2021-04-08`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.gw.flurry.com DigiCert SHA2 High Assurance Server CA	`2020-04-05` - `2020-10-02`	6 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.gravatar.com COMODO RSA Domain Validation Secure Server CA	`2018-09-06` - `2020-09-05`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
listgrowth.ctctcdn.com Amazon	`2020-03-18` - `2021-04-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
Frame ID: B5E9264344725C44013F1CD0ECB7D191
Requests: 77 HTTP requests in this frame

Frame: https://x.metarail.com/x/www/delivery/spcjs.php?id=1104&callbackZone=83687&cb=L73KVaWy
Frame ID: FC3947BACE5CAE7C271BBB5DEA34E19D
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly93d3cudGltZXNuZXdzcGFwZXJzLmNvbTo0NDM.&hl=en&v=-wV2EAWEOTlEtZh4vNQtn3H1&size=invisible&cb=sbon9hvh79j8
Frame ID: 3CADDFF92610CB665EEE71DF8071D00E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-wV2EAWEOTlEtZh4vNQtn3H1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&cb=97mtx3tr39uj
Frame ID: F9ECB9585759D47C723152CF559FB6ED
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

81
Requests

99 %
HTTPS

67 %
IPv6

16
Domains

20
Subdomains

18
IPs

7
Countries

813 kB
Transfer

2288 kB
Size

1
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://timesnewspapers.com/tncms/tracking/bannerad/clicks/?i=ros/block-leaderboard-top1/3c9e2f94-864e-11ea-9397-db2b43ea4b3f&r=http://lizgibbonsforkirkwood.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.timesnewspapers.com%2Fcalendar%2F100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no%2Fevent_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=%5B%7B%20100%25APPROVED%20%7D%5D%20%21Free%21%20V%20Bucks%20Generator%20%7C%20V%20Bucks%20Fortnite%202020%20%7C%20V%20Bucks%20No%20Survey%20No%20Human%20Verification%202020&url=https%3A%2F%2Fwww.timesnewspapers.com%2Fcalendar%2F100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no%2Fevent_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://tiny.cc/GetUnlimitedVBucks2020
Title: https://tiny.cc/GetUnlimitedVBucks2020

Search URL Search Domain Scan URL

URL: https://timesnewspapers.com/tncms/tracking/bannerad/clicks/?i=ros/fixed-big-ad-top1/1605efce-62f5-11ea-8b82-9b2cf1e35965&r=https://allentodd.org

Search URL Search Domain Scan URL

URL: https://timesnewspapers.com/tncms/tracking/bannerad/clicks/?i=ros/block-rectangle-five1/cffb1a9e-799d-11ea-a422-e75ed8931841&r=https://www.ggfogg.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwVlqBYmsy2xM3FUwK8coCA/videos
Title: YouTube

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

URL: https://www.constantcontact.com/legal/service-provider
Title: Emails are serviced by Constant Contact.

Search URL Search Domain Scan URL

URL: http://www.constantcontact.com/index.jsp?cc=forms_popup
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://x.wayfareinteractive.com/x/www/delivery/spcjs.php?id=1104&callbackZone=83687&cb=L73KVaWy HTTP 301
https://x.metarail.com/x/www/delivery/spcjs.php?id=1104&callbackZone=83687&cb=L73KVaWy

Request Chain 43

https://x.wayfareinteractive.com/x/ob/?L3gvd3d3L2RlbGl2ZXJ5L3NwY2pzLnBocD9pZD0xMTA0JmFtcDtjYWxsYmFja1pvbmU9ODM2ODc=&cb=L73KVaWy HTTP 301
https://x.metarail.com/x/ob/?L3gvd3d3L2RlbGl2ZXJ5L3NwY2pzLnBocD9pZD0xMTA0JmFtcDtjYWxsYmFja1pvbmU9ODM2ODc=&cb=L73KVaWy

Request Chain 55

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1984399643&t=pageview&_s=1&dl=https%3A%2F%2Fwww.timesnewspapers.com%2Fcalendar%2F100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no%2Fevent_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html&ul=en-us&de=UTF-8&dt=%5B%7B%20100%25APPROVED%20%7D%5D%20!Free!%20V%20Bucks%20Generator%20%7C%20V%20Bucks%20Fortnite%202020%20%7C%20V%20Bucks%20No%20Survey%20No%20Human%20Verification%202020%20%7C%20Calendar%20%7C%20timesnewspapers.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAUALAAQC~&jid=1596238910&gjid=985705559&cid=1342140813.1588917762&tid=UA-128702563-1&_gid=934337484.1588917762&_r=1&gtm=2wg4t0PDQV3N&z=347444701 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128702563-1&cid=1342140813.1588917762&jid=1596238910&_gid=934337484.1588917762&gjid=985705559&_v=j82&z=347444701

81 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html Show response
www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/ 135 KB
28 KB 691ms
354ms Document
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

6560227bc8521c14dd4faf9538c645d6baf3eeb6a27765dc3aa886ccf567b12d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.timesnewspapers.com
:scheme: https
:path: /calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 08 May 2020 06:02:41 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
cache-control: public, max-age=300
last-modified: Fri, 08 May 2020 05:59:04 GMT
x-robots-tag: noarchive
x-ua-compatible: IE=edge
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.c34c594a0128ca26764dd8ecad278707.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ac87000c8e1356e20584473075fd0f2e.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.caf244e2614d000b4f73058e1c610d12.js>; rel=preload; as=script
x-tncms: 1.50.1; app18; 0.21s; 3.6M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: W/92998a5b80aea361cfd7216b0f1d0ae8
content-encoding: gzip
vary: X-IPCountry, Accept-Encoding
age: 0
x-vcache: MISS
accept-ranges: bytes
content-length: 27177

GET
H2 200 jquery.min.c34c594a0128ca26764dd8ecad278707.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 95 KB
32 KB 272ms
144ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.c34c594a0128ca26764dd8ecad278707.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

810be1dd18d86970f462e922b79789e08c7fd4e0ae40e3f26a14b71e7af50263

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f928fd63cc62-ZRH
status: 200
last-modified: Fri, 06 Sep 2019 21:12:18 GMT
cf-request-id: 02947a0d9f0000cc62d339e200000001
x-vcache: HIT
server: cloudflare
etag: W/"5d72cbb2-17af6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Mon, 08 Feb 2021 05:17:33 GMT

GET
H2 200 user.js Show response
www.timesnewspapers.com/shared-content/art/tncms/user/ 6 KB
3 KB 116ms
114ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.timesnewspapers.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 125d46686c153a543d0336becdc095cb3f902211c406e51b72270d2165e22545

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 05:59:03 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 17:07:30 GMT
age: 218
etag: W/"5eb44052-19fa"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 2360
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 286ms
159ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d8bcc62-ZRH
status: 200
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
cf-request-id: 02947a0daa0000cc62d33a8200000001
x-vcache: HIT
server: cloudflare
etag: W/"5d726a23-9bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 09 Feb 2021 19:37:05 GMT

GET
H2 200 common.5ee3960b4d37bc106988fa535b393865.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 35 KB
13 KB 296ms
168ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d89cc62-ZRH
status: 200
last-modified: Tue, 28 Jan 2020 17:19:09 GMT
cf-request-id: 02947a0daa0000cc62d33a7200000001
x-vcache: HIT
server: cloudflare
etag: W/"5e306d0d-8a06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 10 Feb 2021 17:22:08 GMT

GET
H2 200 tnt.ac87000c8e1356e20584473075fd0f2e.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
3 KB 269ms
142ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ac87000c8e1356e20584473075fd0f2e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ce09ee584cc63c71fcaa77be3b1272e094016cc53fb9167b867d8a57dd5284

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d85cc62-ZRH
status: 200
last-modified: Tue, 03 Mar 2020 21:10:15 GMT
cf-request-id: 02947a0daa0000cc62d33a5200000001
x-vcache: MISS
server: cloudflare
etag: W/"5e5ec7b7-1b8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 11 Mar 2021 14:27:04 GMT

GET
H2 200 application.caf244e2614d000b4f73058e1c610d12.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
1 KB 268ms
141ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.caf244e2614d000b4f73058e1c610d12.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93a386fdea3b733231ed733d68beda9e84eaa22710f6402b874075673d7f376d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d93cc62-ZRH
status: 200
last-modified: Thu, 12 Dec 2019 13:59:39 GMT
cf-request-id: 02947a0dae0000cc62d33ac200000001
x-vcache: MISS
server: cloudflare
etag: W/"5df247cb-f6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 16 Dec 2020 20:02:52 GMT

GET
H2 200 bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
16 KB 289ms
164ms Stylesheet
text/css 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css

Requested by

Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f928fd59cc62-ZRH
status: 200
last-modified: Tue, 28 Jan 2020 17:18:44 GMT
cf-request-id: 02947a0d9e0000cc62d3399200000001
x-vcache: HIT
server: cloudflare
etag: W/"5e306cf4-1ab8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 09 Feb 2021 17:34:36 GMT

GET
H2 200 layout.4afa87871b5c74c45e5da67666c2705b.css
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 127 KB
21 KB 299ms
174ms Stylesheet
text/css 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.4afa87871b5c74c45e5da67666c2705b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e434c1242a58984eebb5b3b730c7452084d2e35e0e835d014aec35067e451663

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f928fd5bcc62-ZRH
status: 200
last-modified: Mon, 04 May 2020 13:18:44 GMT
cf-request-id: 02947a0d9f0000cc62d339a200000001
x-vcache: MISS
server: cloudflare
etag: W/"5eb01634-1fcf3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 04 May 2021 15:01:52 GMT

GET
H2 200 theme-basic.f5e0209e8fa74e9037c8703df61fdb9c.css
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
7 KB 297ms
172ms Stylesheet
text/css 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.f5e0209e8fa74e9037c8703df61fdb9c.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90a697f151ddfaf8d79e0718338c7e54dc257fcfbeb8073101360eed8d50baee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f928fd5dcc62-ZRH
status: 200
last-modified: Wed, 05 Feb 2020 17:07:35 GMT
cf-request-id: 02947a0d9f0000cc62d339b200000001
x-vcache: HIT
server: cloudflare
etag: W/"5e3af657-a4a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 10 Feb 2021 20:04:29 GMT

GET
H2 200 flex-utility-promo-designer.93ba289b1a2aa847633520d7a43d11ed.css
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 7 KB
2 KB 297ms
173ms Stylesheet
text/css 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-designer.93ba289b1a2aa847633520d7a43d11ed.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56e235cc7b2d3ff45d51c86010f045445a91e2532e6922a2e1b121f51ee912f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f928fd5ecc62-ZRH
status: 200
last-modified: Thu, 09 Apr 2020 16:21:16 GMT
cf-request-id: 02947a0d9f0000cc62d339c200000001
x-vcache: MISS
server: cloudflare
etag: W/"5e8f4b7c-1dba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 09 Apr 2021 18:27:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
919 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700|Playfair+Display:400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d038096c8ae2c0550ae846757eaa5f3efd8d993748500578dab073d9554b9646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 May 2020 06:02:41 GMT
server: ESF
date: Fri, 08 May 2020 06:02:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 May 2020 06:02:41 GMT

GET
H2 200 calendar.5aecdd36e26c197022a1bced3841832d.css
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/calendar/resources/styles/ 2 KB
638 B 261ms
138ms Stylesheet
text/css 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/calendar/resources/styles/calendar.5aecdd36e26c197022a1bced3841832d.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530a535697fcf53b5f129387eca7ba508a3b1ed5f17ffdf75b804d2ab2cd7f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f928fd60cc62-ZRH
status: 200
last-modified: Tue, 28 Jan 2020 17:20:21 GMT
cf-request-id: 02947a0d9f0000cc62d339d200000001
x-vcache: HIT
server: cloudflare
etag: W/"5e306d55-71f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 09 Feb 2021 17:34:36 GMT

GET
H2 200 tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 9 KB
3 KB 470ms
442ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd43c41dc23b54388328c3e0833aedddaac3ae7babcc6d94d405d1f9aebb6b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f928fd65cc62-ZRH
status: 200
last-modified: Mon, 02 Mar 2020 17:31:32 GMT
cf-request-id: 02947a0d9f0000cc62d33a0200000001
x-vcache: MISS
server: cloudflare
etag: W/"5e5d42f4-251a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 02 Mar 2021 17:35:22 GMT

GET
H2 200 tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 886 B
633 B 120ms
119ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

324e02d24f001792f4a75a157af2f5ececa6f0208ce0cbdd8809ad48a3e537c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f92bc9bccc62-ZRH
status: 200
last-modified: Mon, 04 May 2020 13:17:25 GMT
cf-request-id: 02947a0f5b0000cc62d33cb200000001
x-vcache: MISS
server: cloudflare
etag: W/"5eb015e5-376"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 07 May 2021 10:42:10 GMT

GET
H2 200 tracking.js Show response
www.timesnewspapers.com/shared-content/art/tncms/ 3 KB
1 KB 116ms
113ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.timesnewspapers.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 05:59:03 GMT
content-encoding: gzip
last-modified: Thu, 07 May 2020 17:07:30 GMT
age: 218
etag: W/"5eb44052-a4c"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1150
service-worker-allowed: /

GET
H2 200 admanager.js Show response
www.timesnewspapers.com/shared-content/art/tncms-ad-manager/ 39 KB
13 KB 121ms
118ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 7ec48a60849c066e9da617d0db011a6b4d70f743d6295cabdf1c38e5e4de5fe7

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 05:59:03 GMT
content-encoding: gzip
last-modified: Wed, 15 Apr 2020 20:26:22 GMT
age: 218
etag: W/"5e976dee-9d7c"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 12863
service-worker-allowed: /

GET
H2 200 impressions.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/ads/ 83 B
226 B 168ms
141ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/ads/impressions.js?_dc=1588916133

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de0432f861b6bd4cb88c6282f2b6b5b90903370f6c3c8498721037f48d333a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d91cc62-ZRH
status: 200
last-modified: Fri, 08 May 2020 05:35:33 GMT
cf-request-id: 02947a0dae0000cc62d33ab200000001
x-vcache: HIT
server: cloudflare
etag: W/"5eb4efa5-53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 08 May 2021 05:41:21 GMT

GET
H2 200 traffic.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/ads/ 1 KB
888 B 171ms
143ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/ads/traffic.js?_dc=1588916133

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a52f9da8aae9aecbc187684f241e267573bba7bf44356cdff746b8ff2a61c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d96cc62-ZRH
status: 200
last-modified: Fri, 08 May 2020 05:35:33 GMT
cf-request-id: 02947a0dae0000cc62d33ad200000001
x-vcache: HIT
server: cloudflare
etag: W/"5eb4efa5-5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 08 May 2021 05:41:21 GMT

GET
H2 200 settings.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/ads/ 2 KB
509 B 167ms
140ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/ads/settings.js?_dc=1572532032

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04944e27e5d836b3b6e4e4341b34b0367defca21e5440e2bef80597532f53e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d8ecc62-ZRH
status: 200
last-modified: Thu, 31 Oct 2019 14:27:12 GMT
cf-request-id: 02947a0daa0000cc62d33a9200000001
x-vcache: MISS
server: cloudflare
etag: W/"5dbaef40-81a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 07 May 2021 10:42:10 GMT

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 517 B
558 B 124ms
122ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f92bd9d3cc62-ZRH
status: 200
last-modified: Mon, 02 Dec 2019 19:20:15 GMT
cf-request-id: 02947a0f630000cc62d33cc200000001
x-vcache: MISS
server: cloudflare
etag: W/"5de563ef-205"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 09 Dec 2020 20:02:42 GMT

GET
H2 200 sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
963 B 123ms
122ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9180a94ecd3d5f93f0fb9fcd95a68ec3a9e1decce55694bfb9e5ce6281bdd672

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f92bd9d7cc62-ZRH
status: 200
last-modified: Mon, 14 Oct 2019 15:26:43 GMT
cf-request-id: 02947a0f640000cc62d33cd200000001
x-vcache: MISS
server: cloudflare
etag: W/"5da493b3-5b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 17 Oct 2020 08:41:57 GMT

GET
H2 200 1.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/ads/fixed-big-ad-top/ 4 KB
977 B 164ms
137ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/ads/fixed-big-ad-top/1.js?_dc=1588693313

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d371be30037ed902af4d8f34fc18c94982dbbfbbde4348b35347e26092125caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d7ecc62-ZRH
status: 200
last-modified: Tue, 05 May 2020 15:41:53 GMT
cf-request-id: 02947a0daa0000cc62d33a2200000001
x-vcache: MISS
server: cloudflare
etag: W/"5eb18941-f02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 05 May 2021 15:47:31 GMT

GET
H2 200 1.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/ads/fixed-big-ad-middle/ 1 KB
737 B 166ms
140ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/ads/fixed-big-ad-middle/1.js?_dc=1562190615

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da15a34222ec4090e6165fb1778f0b9fe6b7124b28e2bbf412fd904edc83c8da

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d87cc62-ZRH
status: 200
last-modified: Wed, 03 Jul 2019 21:50:15 GMT
cf-request-id: 02947a0daa0000cc62d33a6200000001
x-vcache: MISS
server: cloudflare
etag: W/"5d1d2317-45c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 15 Sep 2020 11:27:27 GMT

GET
H2 200 tnt.ads.advertisements.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 205 B
474 B 184ms
157ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.advertisements.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ef65a8b0945be297b4de2890c3150d92cb59132d70b03746b25507da58e54ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d90cc62-ZRH
status: 200
last-modified: Tue, 03 Sep 2019 14:49:45 GMT
cf-request-id: 02947a0daa0000cc62d33aa200000001
x-vcache: MISS
server: cloudflare
etag: W/"5d6e7d89-cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 15 Sep 2020 11:27:27 GMT

GET
H2 200 fontawesome.a8c7e0dc594b3a0b53141cdea833eee5.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 252 KB
88 KB 138ms
137ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.a8c7e0dc594b3a0b53141cdea833eee5.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e721a857616e84f98bd743e56dd8e1fb44104f621bab75b6502cf3ea78afa307

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f92bd9dacc62-ZRH
status: 200
last-modified: Mon, 02 Mar 2020 17:31:46 GMT
cf-request-id: 02947a0f640000cc62d33ce200000001
x-vcache: MISS
server: cloudflare
etag: W/"5e5d4302-3f06f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 09 Mar 2021 08:00:39 GMT

GET
H2 200 tracker.js Show response
www.timesnewspapers.com/shared-content/art/stats/common/ 9 KB
4 KB 120ms
119ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.timesnewspapers.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 129363a1c7ac096a6c9db2a5717877caaa04e1b30e0ee5e1b35a1d05f57bb3b2

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 05:59:03 GMT
content-encoding: gzip
last-modified: Tue, 24 Mar 2020 19:08:38 GMT
age: 218
etag: W/"5e7a5ab6-23f6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3404
service-worker-allowed: /

GET
H2 200 signup-form-widget.min.js Show response
static.ctctcdn.com/js/signup-form-widget/current/ 444 KB
37 KB 33ms
7ms Script
application/javascript 2a02:26f0:6c00:18c::37f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:18c::37f0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 9e1dbb44fe5495ad5cbb57a492a71307c29e5cd82057a5a61fe6837a212d6980

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2019 14:27:04 GMT
server: Apache
status: 200
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=603
accept-ranges: bytes
content-length: 37677
expires: Fri, 08 May 2020 06:12:44 GMT

GET
H2 200 asset-edit.b419cb3c218ef0da9fa281dd92729a83.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 217 B
271 B 193ms
171ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.b419cb3c218ef0da9fa281dd92729a83.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9fb611609ba692d8f7b21eaa854bb3ddd17a88374cc16504b44123d520afb99

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d81cc62-ZRH
status: 200
last-modified: Tue, 28 Jan 2020 17:18:51 GMT
cf-request-id: 02947a0daa0000cc62d33a3200000001
x-vcache: HIT
server: cloudflare
etag: W/"5e306cfb-d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 09 Feb 2021 19:37:05 GMT

GET
H2 200 promo_popup.fe40d77fce691e6ed54cb520a782a693.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 2 KB
681 B 475ms
454ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/promo_popup.fe40d77fce691e6ed54cb520a782a693.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b720014075e9f358cf860b0ec69a9803b5975ab5bce8fa558e64024df1038ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f9291d83cc62-ZRH
status: 200
last-modified: Thu, 09 Apr 2020 16:19:51 GMT
cf-request-id: 02947a0daa0000cc62d33a4200000001
x-vcache: MISS
server: cloudflare
etag: W/"5e8f4b27-643"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 09 Apr 2021 18:27:00 GMT

GET
H2 200 asset-upsell.fbb2442a4c8432a07306fece16a360f5.js Show response
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 404 B
724 B 149ms
128ms Script
application/x-javascript 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a8bf8ae66cec479738242dff7a1f855e2ab213e42101075c0159868893c3d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 5900f928fd64cc62-ZRH
status: 200
last-modified: Tue, 28 Jan 2020 17:18:52 GMT
cf-request-id: 02947a0d9f0000cc62d339f200000001
x-vcache: HIT
server: cloudflare
etag: W/"5e306cfc-194"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 09 Feb 2021 19:37:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
38 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N&gtm_auth=UaWpb3d_PDCaIVzoLRLRYA&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d212aeb9339ceea24a6beeda4b1b95f5814a257533e685150ca395f7191ce97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
content-encoding: br
vary: *
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38769
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.timesnewspapers.com/_services/v1/client_ip_info/ 80 B
182 B 114ms
113ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.timesnewspapers.com/_services/v1/client_ip_info/
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e031307ddcda30e3aa2b2e3bd76f670af03ca6a92a02a0173b6e9857332a36e3

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 08 May 2020 06:02:41 GMT
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 80
content-type: application/json

GET
H2 200 tracker.gif
www.timesnewspapers.com/shared-content/art/stats/common/ 0
149 B 114ms
114ms Image
image/gif 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.timesnewspapers.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=158891776188316001200141672437008&tnms_dt=%5B%7B%20100%25APPROVED%20%7D%5D%20%21Free%21%20V%20Bucks%20Generator%20%7C%20V%20Bucks%20Fortnite%202020%20%7C%20V%20Bucks%20No%20Survey%20No%20Human%20Verification%202020%20%7C%20Calendar%20%7C%20timesnewspapers.com&tnms_upage=1&tnms_do=www.timesnewspapers.com&tnms_uri=/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html&tnms_ref=&rt=1588917761888
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:41 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
age: 0
etag: "48f79fed-0"
x-vcache: MISS
content-type: image/gif
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Playfair+Display:400,700
Origin: https://www.timesnewspapers.com

Response headers

date: Wed, 06 May 2020 00:50:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 191544
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 06 May 2021 00:50:17 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Playfair+Display:400,700
Origin: https://www.timesnewspapers.com

Response headers

date: Fri, 10 Apr 2020 06:12:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 2418606
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 10 Apr 2021 06:12:35 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 a0bfb17e-8fbc-11ea-be2a-f72dc66b7f13.jpg
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/custom/image/ 15 KB
15 KB 132ms
131ms Image
image/jpeg 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/custom/image/a0bfb17e-8fbc-11ea-be2a-f72dc66b7f13.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

227ebe9e178edd8e58abdab0ca06d71c660c82c76e0e438e7c424b7ca74abb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
last-modified: Wed, 06 May 2020 17:11:30 GMT
content-length: 15407
cf-request-id: 02947a0fa70000cc62d33d8200000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5eb2efc2-3c2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5900f92c3a6ecc62-ZRH
expires: Thu, 06 May 2021 17:11:30 GMT

GET
H2 200 0287f29c-7828-11ea-addd-fbf5c92983b1.jpg
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/custom/image/ 33 KB
33 KB 127ms
125ms Image
image/jpeg 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/custom/image/0287f29c-7828-11ea-addd-fbf5c92983b1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55680f52914826ee1609dc6f8b0e93cd6aa16c235cfcdacd37d40ada8d4a0714

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/content/tncms/live/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
last-modified: Mon, 06 Apr 2020 16:59:42 GMT
content-length: 33659
cf-request-id: 02947a0fab0000cc62d33d9200000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5e8b5ffe-837b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5900f92c4a75cc62-ZRH
expires: Fri, 09 Apr 2021 18:27:00 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v20/ 32 KB
33 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v20/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb7d97eb19604573681684dfe0fef40692a943c29f59d11e7ba9eb39242e4e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Playfair+Display:400,700
Origin: https://www.timesnewspapers.com

Response headers

date: Wed, 06 May 2020 02:54:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Feb 2020 22:41:36 GMT
server: sffe
age: 184110
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33256
x-xss-protection: 0
expires: Thu, 06 May 2021 02:54:11 GMT

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ 69 KB
22 KB 55ms
18ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 05:34:40 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
age: 1683
x-amz-server-side-encryption: AES256
status: 200
vary: Accept-Encoding,Origin
x-amz-request-id: 9DEA3B797FA278AE
x-amz-id-2: DvA+SatqSFuFFX4nikSBdq1CQBTpFaeOmh0gGXg2k1kxfzVheqS2Wo1iGcCA654sgLO+J6efrS0=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,stale-while-revalidate=30,max-age=3600
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-content-type-options: nosniff
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 5e67cf206800c.image.jpg
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/assets/v3/bannerad/1/60/1605efce-62f5-11ea-8b82-9b2cf1e35965/ 86 KB
86 KB 135ms
135ms Image
image/jpeg 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/assets/v3/bannerad/1/60/1605efce-62f5-11ea-8b82-9b2cf1e35965/5e67cf206800c.image.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dcd600d14ce74ef98be264d07f0f7520681400113194e022984774f232bc3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
last-modified: Tue, 10 Mar 2020 17:32:16 GMT
content-length: 88168
cf-request-id: 02947a10190000cc62d33e0200000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5e67cf20-15868"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5900f92cfb64cc62-ZRH
expires: Tue, 13 Apr 2021 16:21:44 GMT

GET
H/1.1

200
OK

spcjs.php Show response
x.metarail.com/x/www/delivery/ Frame FC39
Redirect Chain

https://x.wayfareinteractive.com/x/www/delivery/spcjs.php?id=1104&callbackZone=83687&cb=L73KVaWy
https://x.metarail.com/x/www/delivery/spcjs.php?id=1104&callbackZone=83687&cb=L73KVaWy

6 KB
6 KB

525ms
148ms

Script
application/x-javascript

23.21.244.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x.metarail.com/x/www/delivery/spcjs.php?id=1104&callbackZone=83687&cb=L73KVaWy
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.244.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-244-127.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.21
Resource Hash: 7cf699208f030ec20d21efb4f5940cd459899e0c8ee3010496fd643ff30bb75b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 06:02:43 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.21
transfer-encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Content-Type: application/x-javascript
X-Backend-Server: slave-2
Expires: Sat, 09 May 2020 06:02:43 +0000

Redirect headers

Location: https://x.metarail.com/x/www/delivery/spcjs.php?id=1104&callbackZone=83687&cb=L73KVaWy
Date: Fri, 08 May 2020 06:02:42 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
X-Backend-Server: slave-3
Content-Length: 193
Content-Type: text/html

GET
H/1.1

200
OK

/ Show response
x.metarail.com/x/ob/ Frame FC39
Redirect Chain

https://x.wayfareinteractive.com/x/ob/?L3gvd3d3L2RlbGl2ZXJ5L3NwY2pzLnBocD9pZD0xMTA0JmFtcDtjYWxsYmFja1pvbmU9ODM2ODc=&cb=L73KVaWy
https://x.metarail.com/x/ob/?L3gvd3d3L2RlbGl2ZXJ5L3NwY2pzLnBocD9pZD0xMTA0JmFtcDtjYWxsYmFja1pvbmU9ODM2ODc=&cb=L73KVaWy

7 KB
7 KB

526ms
149ms

Script
application/x-javascript

23.21.244.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x.metarail.com/x/ob/?L3gvd3d3L2RlbGl2ZXJ5L3NwY2pzLnBocD9pZD0xMTA0JmFtcDtjYWxsYmFja1pvbmU9ODM2ODc=&cb=L73KVaWy
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.244.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-244-127.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.21
Resource Hash: dca7b23352f69a905b1c6f89962c9ecc49b1086a22fcd5e69858a8e3547f7f6d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 06:02:43 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.21
transfer-encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Content-Type: application/x-javascript
X-Backend-Server: slave-3
Expires: Sat, 09 May 2020 06:02:43 +0000

Redirect headers

Location: https://x.metarail.com/x/ob/?L3gvd3d3L2RlbGl2ZXJ5L3NwY2pzLnBocD9pZD0xMTA0JmFtcDtjYWxsYmFja1pvbmU9ODM2ODc=&cb=L73KVaWy
Date: Fri, 08 May 2020 06:02:42 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
X-Backend-Server: slave-3
Content-Length: 193
Content-Type: text/html

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N&gtm_auth=UaWpb3d_PDCaIVzoLRLRYA&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5047
date: Fri, 08 May 2020 04:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 08 May 2020 06:38:35 GMT

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 25ms
25ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.c34c594a0128ca26764dd8ecad278707.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1216423
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02947a107300006479883ed200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:23 GMT
server: cloudflare
etag: W/"5afd4abf-4041"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5900f92d89db6479-FRA
expires: Wed, 28 Apr 2021 06:02:42 GMT

GET
H/1.1 200
OK getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ 306 B
680 B 230ms
99ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=832ed22d-3ce2-4937-9f93-e56306b8315c&apiKey=YDC2G9T2K4BXNCJ3XDMR&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fwww.timesnewspapers.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

ce84e8adbd54469d455f033b1f06bceef08f1d1c3f8e6a614f49ae86d7e695dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 08 May 2020 06:02:42 GMT
Content-Encoding: gzip
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Vary: Accept-Encoding, User-Agent
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 05:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3125
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 08 May 2020 06:10:37 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
574 B 34ms
13ms XHR
application/json 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnewspapers.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 737 B
575 B 15ms
15ms Script
text/javascript 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=ctctOnLoadCallback&render=explicit

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.c34c594a0128ca26764dd8ecad278707.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

51dee4055004fcc4f0fc93f5b1262aafd2ec0070f6b5cebc3e06c4aeea250cda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 472
x-xss-protection: 1; mode=block
expires: Fri, 08 May 2020 06:02:42 GMT

GET
H2 200 c71c619380dbe42e6e2f275d33b2e7a4
secure.gravatar.com/avatar/ 3 KB
3 KB 131ms
131ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c71c619380dbe42e6e2f275d33b2e7a4?d=mm&r=g
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: def0ff146145a12f6a7847920687731e6c3975e860dd405fd5a069e96ffbe7e1

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT lb7.dfw.gravatar.com, MISS fra 4
date: Fri, 08 May 2020 06:02:42 GMT
last-modified: Tue, 28 Apr 2020 07:55:46 GMT
server: nginx
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c71c619380dbe42e6e2f275d33b2e7a4.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/c71c619380dbe42e6e2f275d33b2e7a4?d=mm&r=g>; rel="canonical"
content-length: 3193
expires: Fri, 08 May 2020 06:07:42 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-wV2EAWEOTlEtZh4vNQtn3H1/ 298 KB
120 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-wV2EAWEOTlEtZh4vNQtn3H1/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=ctctOnLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10de7d69af358751d5f0146c012cf400cb2940c6dbdb7d624061e60914c48666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 04 May 2020 19:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 May 2020 04:09:11 GMT
server: sffe
age: 298004
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123152
x-xss-protection: 0
expires: Tue, 04 May 2021 19:15:58 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
271 B 16ms
13ms XHR
application/json 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.timesnewspapers.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 collect
www.google-analytics.com/ 35 B
107 B 6ms
5ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1984399643&t=pageview&_s=1&dl=https%3A%2F%2Fwww.timesnewspapers.com%2Fcalendar%2F100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no%2Fevent_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html&ul=en-us&de=UTF-8&dt=%5B%7B%20100%25APPROVED%20%7D%5D%20!Free!%20V%20Bucks%20Generator%20%7C%20V%20Bucks%20Fortnite%202020%20%7C%20V%20Bucks%20No%20Survey%20No%20Human%20Verification%202020%20%7C%20Calendar%20%7C%20timesnewspapers.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgUALAAQC~&jid=264423556&gjid=237571055&cid=1342140813.1588917762&tid=UA-54716522-7&_gid=934337484.1588917762&gtm=2wg4t0PDQV3N&cd2=calendar&cd3=flex&cd4=flex-calendar&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.timesnewspapers.com%2Fcalendar%2F100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no%2Fevent_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html&cd15=3.155.0&cd16=false&cd17=Page%20View&cd20=02798c3a-90eb-11ea-9582-5cb9017b8d9f&cm1=205&z=387576250

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 05:47:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2938539
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 17ms
16ms Image
image/gif 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-54716522-7&cid=1342140813.1588917762&jid=264423556&gjid=237571055&_gid=934337484.1588917762&_u=aGBAgUALAAQC~&z=1311593887

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 May 2020 06:02:42 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1984399643&t=pageview&_s=1&dl=https%3A%2F%2Fwww.timesnewspapers.com%2Fcalendar%2F100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128702563-1&cid=1342140813.1588917762&jid=1596238910&_gid=934337484.1588917762&gjid=985705559&_v=j82&z=347444701

35 B
102 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128702563-1&cid=1342140813.1588917762&jid=1596238910&_gid=934337484.1588917762&gjid=985705559&_v=j82&z=347444701

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 May 2020 06:02:42 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 May 2020 06:02:42 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128702563-1&cid=1342140813.1588917762&jid=1596238910&_gid=934337484.1588917762&gjid=985705559&_v=j82&z=347444701
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 signup-form-widget.css
static.ctctcdn.com/js/signup-form-widget/current/ 21 KB
3 KB 6ms
6ms Stylesheet
text/css 2a02:26f0:6c00:18c::37f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.css
Requested by: Host: static.ctctcdn.com
URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:18c::37f0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: a3c779721b0188cb7cf996bee7958fdcbdbe179a98bd1a15ec906e45ed281274

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
content-encoding: gzip
last-modified: Fri, 12 Jul 2019 14:27:04 GMT
server: Apache
status: 200
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=477
accept-ranges: bytes
content-length: 3050
expires: Fri, 08 May 2020 06:10:39 GMT

GET
H2 200 f1eefbe270b652f98106224442f842c6.json Show response
listgrowth.ctctcdn.com/v1/ 2 KB
2 KB 199ms
132ms XHR
application/json 143.204.97.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://listgrowth.ctctcdn.com/v1/f1eefbe270b652f98106224442f842c6.json
Requested by: Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.c34c594a0128ca26764dd8ecad278707.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-117.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e4a1364672886d20b773852455e15d7e91c5d570f61de61646bc1d3ebaacd48

Request headers

Accept: */*
Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: XW__Q8Qe_D03I86o8tC.7kqNtnqScmFq
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-request-id: 9FC15105ADA47E97
x-cache: RefreshHit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
recaptcha-key: 6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
x-amz-id-2: 7CaShj53F4hLN7iu4sH1aWym0MyIJSf0X/egILnLkFWyrSgGZ16RXW/eB0N5ysp7SEyjDswAp/I=
access-control-allow-origin: *
last-modified: Wed, 22 Apr 2020 18:29:04 GMT
server: AmazonS3
date: Fri, 08 May 2020 06:02:43 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
access-control-expose-headers: recaptcha-key
cache-control: max-age=5
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RcvOSg34SVTEO2JexleyvDx1eNvJ8ngXDpHId74d6_K8D_Ng3prtNQ==

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 3CAD 0
0 26ms
25ms Document
text/html 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly93d3cudGltZXNuZXdzcGFwZXJzLmNvbTo0NDM.&hl=en&v=-wV2EAWEOTlEtZh4vNQtn3H1&size=invisible&cb=sbon9hvh79j8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-wV2EAWEOTlEtZh4vNQtn3H1/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kf4JABd9vDzhfiLtzzx1Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly93d3cudGltZXNuZXdzcGFwZXJzLmNvbTo0NDM.&hl=en&v=-wV2EAWEOTlEtZh4vNQtn3H1&size=invisible&cb=sbon9hvh79j8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 08 May 2020 06:02:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-Kf4JABd9vDzhfiLtzzx1Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9935
server: GSE
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ctct-close-x.svg
static.ctctcdn.com/contacts/images/signup-tools/ 4 KB
2 KB 6ms
6ms Image
image/svg+xml 2a02:26f0:6c00:18c::37f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ctctcdn.com/contacts/images/signup-tools/ctct-close-x.svg
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:18c::37f0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 544caf2f35f849cb11a559ddec8995f3ff5b350d378e04771eb5c46b7622ba2e

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
content-encoding: gzip
last-modified: Mon, 04 Dec 2017 14:32:54 GMT
server: Apache
status: 200
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=15857480
accept-ranges: bytes
content-length: 1374
expires: Sat, 07 Nov 2020 18:54:02 GMT

GET
H2 200 logo-ctct-white.svg
static.ctctcdn.com/lp/images/standard/logos/ 14 KB
5 KB 7ms
6ms Image
image/svg+xml 2a02:26f0:6c00:18c::37f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ctctcdn.com/lp/images/standard/logos/logo-ctct-white.svg
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:18c::37f0 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 93d4ee52322461f159a6b2b53429a81f970f591e3b90e8cd185cb106ab29a389

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:42 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2015 14:40:57 GMT
server: Apache
status: 200
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=18291561
accept-ranges: bytes
content-length: 5351
expires: Sat, 05 Dec 2020 23:02:03 GMT

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame F9EC 0
0 18ms
17ms Document
text/html 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=-wV2EAWEOTlEtZh4vNQtn3H1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&cb=97mtx3tr39uj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-wV2EAWEOTlEtZh4vNQtn3H1/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IIbrMJL7KQT48HQQKZK25g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=-wV2EAWEOTlEtZh4vNQtn3H1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&cb=97mtx3tr39uj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 08 May 2020 06:02:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-IIbrMJL7KQT48HQQKZK25g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1182
server: GSE
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 /
timesnewspapers.com/tncms/tracking/bannerad/impressions/ 0
165 B 115ms
114ms Other
application/octet-stream 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/tncms/tracking/bannerad/impressions/?i=ros/fixed-big-ad-middle1/65031f70-f7d0-11e8-8837-0f6ef4cf703c,ros/fixed-big-ad-top1/1605efce-62f5-11ea-8b82-9b2cf1e35965,
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 May 2020 06:02:43 GMT
x-vcache: MISS
real-hostname: timesnewspapers.com
age: 0
content-type: application/octet-stream
status: 200
cache-control: s-maxage=0, private, no-cache
accept-ranges: bytes
content-length: 0

GET spc.php
x.metarail.com/x/www/delivery/ Frame FC39 0
0

GET
H/1.1 200
OK fl.js Show response
x.metarail.com/x/www/delivery/ Frame FC39 5 KB
6 KB 123ms
122ms Script
application/x-javascript 23.21.244.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x.metarail.com/x/www/delivery/fl.js
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.244.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-244-127.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 223b20f1ef4b5c4975608d2e2e462f15f7fa39f0c40c52ff1765b95e780ee72b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 08 May 2020 06:02:43 GMT
Last-Modified: Thu, 22 Mar 2018 14:33:17 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5ab3bead-15d6"
Content-Type: application/x-javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5590
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 1.js
timesnewspapers.com/content/tncms/ads/_popup/ 0
0 114ms
113ms Script
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/_popup/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 1.js Show response
timesnewspapers.com/content/tncms/ads/block-leaderboard-top/ 11 KB
3 KB 114ms
114ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-leaderboard-top/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 867f5c5d91a0d954dc0c2ddc75ba103e5c962f4baad34788e4b98fd71cd73107

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:01:43 GMT
content-encoding: gzip
last-modified: Tue, 05 May 2020 14:56:15 GMT
age: 60
etag: W/"5eb17e8f-2a85"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 2346
service-worker-allowed: /

GET
H2 200 1.js Show response
timesnewspapers.com/content/tncms/ads/block-rectangle-eight/ 1002 B
796 B 114ms
113ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-eight/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 60bf49c7250b506041086578dae52837d2017ec71bef411e64cae301f78e018e

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:21 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 10:01:07 GMT
age: 21
etag: W/"5e997e63-3ea"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 545
service-worker-allowed: /

GET
H2 404 1.js
timesnewspapers.com/content/tncms/ads/block-rectangle-eleven/ 0
0 114ms
113ms Script
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-eleven/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 1.js Show response
timesnewspapers.com/content/tncms/ads/block-rectangle-five/ 1001 B
796 B 114ms
113ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-five/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: a7822c9dab3b4c4acb6ff4cd8cd79208b0ddf10f9251110a24affaf0348cd9d7

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:21 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 10:01:07 GMT
age: 21
etag: W/"5e997e63-3e9"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 545
service-worker-allowed: /

GET
H2 200 1.js Show response
timesnewspapers.com/content/tncms/ads/block-rectangle-four/ 1001 B
796 B 113ms
113ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-four/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 5de4b245f1f0e0d6e98d91cd60c5d3168980566ee746bbba1f93a61bd993af0f

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:21 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 10:01:07 GMT
age: 21
etag: W/"5e997e63-3e9"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 545
service-worker-allowed: /

GET
H2 200 1.js Show response
timesnewspapers.com/content/tncms/ads/block-rectangle-nine/ 1001 B
796 B 114ms
114ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-nine/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 73069242e934bcfeee94675af20018a9ddf54f04396f050d35fd12d6c3c682be

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:21 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 10:01:07 GMT
age: 21
etag: W/"5e997e63-3e9"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 545
service-worker-allowed: /

GET
H2 200 1.js Show response
timesnewspapers.com/content/tncms/ads/block-rectangle-one/ 1000 B
795 B 115ms
113ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-one/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 27cc941523ba394c5d976cdd6b91aa1f8400e5bf2db1f1d7d2cf65b24934d796

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:21 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 10:01:07 GMT
age: 21
etag: W/"5e997e63-3e8"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 544
service-worker-allowed: /

GET
H2 200 1.js Show response
timesnewspapers.com/content/tncms/ads/block-rectangle-seven/ 1002 B
796 B 116ms
115ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-seven/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 350d213520e96710e7fe4fdcb778a9602c4ef6aaefdb212bb7631c2f899fc1fb

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:21 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 10:01:07 GMT
age: 21
etag: W/"5e997e63-3ea"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 545
service-worker-allowed: /

GET
H2 200 1.js Show response
timesnewspapers.com/content/tncms/ads/block-rectangle-six/ 1000 B
796 B 115ms
115ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-six/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d9f71dd3ccccc4d1ccb51c2b42c4e68d6532144599dcaee0838fbf3d1b3746a8

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:21 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 10:01:07 GMT
age: 21
etag: W/"5e997e63-3e8"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 545
service-worker-allowed: /

GET
H2 200 1.js Show response
timesnewspapers.com/content/tncms/ads/block-rectangle-ten/ 1000 B
795 B 115ms
114ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-ten/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: a23310ac1616e97781e83f349094712c52c11baa6b3199fe8ff3848c227eca99

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:21 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 10:01:07 GMT
age: 21
etag: W/"5e997e63-3e8"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 544
service-worker-allowed: /

GET
H2 200 1.js Show response
timesnewspapers.com/content/tncms/ads/block-rectangle-three/ 1002 B
796 B 114ms
114ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-three/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: dbea93fbfa852efd63250fd9333e7853caddeef8af3676565e047ecc861ddadd

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:21 GMT
content-encoding: gzip
last-modified: Fri, 17 Apr 2020 10:01:07 GMT
age: 21
etag: W/"5e997e63-3ea"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 545
service-worker-allowed: /

GET
H2 404 1.js
timesnewspapers.com/content/tncms/ads/block-rectangle-/ 0
0 114ms
113ms Script
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-rectangle-/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 1.js
timesnewspapers.com/content/tncms/ads/block-leaderboard-bottom/ 0
0 115ms
114ms Script
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/content/tncms/ads/block-leaderboard-bottom/1.js
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 5e8dd3216b986.image.png
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/assets/v3/bannerad/c/ff/cffb1a9e-799d-11ea-a422-e75ed8931841/ 49 KB
49 KB 127ms
127ms Image
image/png 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/assets/v3/bannerad/c/ff/cffb1a9e-799d-11ea-a422-e75ed8931841/5e8dd3216b986.image.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02cb990a6ba478b00d0eaa3ad5114fc8b33cc5eb84d062973b6e071eeb586286

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
last-modified: Wed, 08 Apr 2020 13:35:29 GMT
content-length: 49953
cf-request-id: 02947a15b50000cc62d3094200000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5e8dd321-c321"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5900f935eb93cc62-ZRH
expires: Thu, 08 Apr 2021 15:56:40 GMT

GET
H2 200 5ea31d1513bea.image.png
bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/assets/v3/bannerad/3/c9/3c9e2f94-864e-11ea-9397-db2b43ea4b3f/ 35 KB
35 KB 127ms
127ms Image
image/png 104.18.130.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/timesnewspapers.com/content/tncms/assets/v3/bannerad/3/c9/3c9e2f94-864e-11ea-9397-db2b43ea4b3f/5ea31d1513bea.image.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28879eaba467c85d45e75f1a2aaebe5c09e4d4041af9ba2bb94c7690f0dd822b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 06:02:43 GMT
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
last-modified: Fri, 24 Apr 2020 17:08:37 GMT
content-length: 35982
cf-request-id: 02947a15b80000cc62d3095200000001
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5ea31d15-8c8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5900f935fb98cc62-ZRH
expires: Sat, 24 Apr 2021 17:11:40 GMT

POST
H2 200 /
timesnewspapers.com/tncms/tracking/bannerad/impressions/ 0
165 B 115ms
114ms Other
application/octet-stream 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://timesnewspapers.com/tncms/tracking/bannerad/impressions/?i=ros/block-leaderboard-top1/3c9e2f94-864e-11ea-9397-db2b43ea4b3f,ros/block-rectangle-five1/cffb1a9e-799d-11ea-a422-e75ed8931841,
Requested by: Host: www.timesnewspapers.com
URL: https://www.timesnewspapers.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timesnewspapers.com/calendar/100-approved-free-v-bucks-generator-v-bucks-fortnite-2020-v-bucks-no-survey-no/event_02798c3a-90eb-11ea-9582-5cb9017b8d9f.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 May 2020 06:02:44 GMT
x-vcache: MISS
real-hostname: timesnewspapers.com
age: 0
content-type: application/octet-stream
status: 200
cache-control: s-maxage=0, private, no-cache
accept-ranges: bytes
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: x.metarail.com
URL: http://x.metarail.com/x/www/delivery/spc.php?zones=83687&source=&r=74840962&callbackZone=83687&cb=L73KVaWy&charset=UTF-8&loc=about%3Ablank

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Constant Contact (Online)

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-19 13:45:28	Name: NID Value: 204=d7h03pdg6maUcFarJwt1xvjquZ7r7Y6ImPY2gWQ5_h0JTmSq7WAofaa-JqtIDLW-1GMr9cTVpOS9EmeTmtwLv6etGbCh5a1LY1leuVZ63ga-luP61wtVg5--lZfNOmos_VNOb_3J_64NjYN-jCJU2PMWcJHLdwAYS96GoFjLQuo

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yap.yahoo.com
ampcid.google.com
ampcid.google.de
bloximages.newyork1.vip.townnews.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
listgrowth.ctctcdn.com
s.yimg.com
secure.gravatar.com
static.ctctcdn.com
stats.g.doubleclick.net
timesnewspapers.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.timesnewspapers.com
x.metarail.com
x.wayfareinteractive.com
x.metarail.com
104.18.130.43
143.204.97.117
192.104.183.109
212.82.100.146
23.21.244.127
23.23.203.59
2606:4700::6810:84e5
2a00:1288:f03d:1fa::4000
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:814::200a
2a00:1450:4001:815::2004
2a00:1450:4001:816::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:820::200e
2a00:1450:400c:c08::9d
2a02:26f0:6c00:18c::37f0
2a04:fa87:fffe::c000:4902
02cb990a6ba478b00d0eaa3ad5114fc8b33cc5eb84d062973b6e071eeb586286
04944e27e5d836b3b6e4e4341b34b0367defca21e5440e2bef80597532f53e20
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0dcd600d14ce74ef98be264d07f0f7520681400113194e022984774f232bc3a4
10de7d69af358751d5f0146c012cf400cb2940c6dbdb7d624061e60914c48666
125d46686c153a543d0336becdc095cb3f902211c406e51b72270d2165e22545
129363a1c7ac096a6c9db2a5717877caaa04e1b30e0ee5e1b35a1d05f57bb3b2
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
1ef65a8b0945be297b4de2890c3150d92cb59132d70b03746b25507da58e54ce
223b20f1ef4b5c4975608d2e2e462f15f7fa39f0c40c52ff1765b95e780ee72b
227ebe9e178edd8e58abdab0ca06d71c660c82c76e0e438e7c424b7ca74abb82
26ce09ee584cc63c71fcaa77be3b1272e094016cc53fb9167b867d8a57dd5284
27cc941523ba394c5d976cdd6b91aa1f8400e5bf2db1f1d7d2cf65b24934d796
28879eaba467c85d45e75f1a2aaebe5c09e4d4041af9ba2bb94c7690f0dd822b
2e4a1364672886d20b773852455e15d7e91c5d570f61de61646bc1d3ebaacd48
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
324e02d24f001792f4a75a157af2f5ececa6f0208ce0cbdd8809ad48a3e537c5
350d213520e96710e7fe4fdcb778a9602c4ef6aaefdb212bb7631c2f899fc1fb
51dee4055004fcc4f0fc93f5b1262aafd2ec0070f6b5cebc3e06c4aeea250cda
530a535697fcf53b5f129387eca7ba508a3b1ed5f17ffdf75b804d2ab2cd7f4b
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
544caf2f35f849cb11a559ddec8995f3ff5b350d378e04771eb5c46b7622ba2e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55680f52914826ee1609dc6f8b0e93cd6aa16c235cfcdacd37d40ada8d4a0714
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
5a52f9da8aae9aecbc187684f241e267573bba7bf44356cdff746b8ff2a61c35
5de4b245f1f0e0d6e98d91cd60c5d3168980566ee746bbba1f93a61bd993af0f
60bf49c7250b506041086578dae52837d2017ec71bef411e64cae301f78e018e
6560227bc8521c14dd4faf9538c645d6baf3eeb6a27765dc3aa886ccf567b12d
6a8bf8ae66cec479738242dff7a1f855e2ab213e42101075c0159868893c3d31
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
73069242e934bcfeee94675af20018a9ddf54f04396f050d35fd12d6c3c682be
7cf699208f030ec20d21efb4f5940cd459899e0c8ee3010496fd643ff30bb75b
7ec48a60849c066e9da617d0db011a6b4d70f743d6295cabdf1c38e5e4de5fe7
810be1dd18d86970f462e922b79789e08c7fd4e0ae40e3f26a14b71e7af50263
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867f5c5d91a0d954dc0c2ddc75ba103e5c962f4baad34788e4b98fd71cd73107
90a697f151ddfaf8d79e0718338c7e54dc257fcfbeb8073101360eed8d50baee
9180a94ecd3d5f93f0fb9fcd95a68ec3a9e1decce55694bfb9e5ce6281bdd672
93a386fdea3b733231ed733d68beda9e84eaa22710f6402b874075673d7f376d
93d4ee52322461f159a6b2b53429a81f970f591e3b90e8cd185cb106ab29a389
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9e1dbb44fe5495ad5cbb57a492a71307c29e5cd82057a5a61fe6837a212d6980
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a23310ac1616e97781e83f349094712c52c11baa6b3199fe8ff3848c227eca99
a3c779721b0188cb7cf996bee7958fdcbdbe179a98bd1a15ec906e45ed281274
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a56e235cc7b2d3ff45d51c86010f045445a91e2532e6922a2e1b121f51ee912f
a7822c9dab3b4c4acb6ff4cd8cd79208b0ddf10f9251110a24affaf0348cd9d7
b720014075e9f358cf860b0ec69a9803b5975ab5bce8fa558e64024df1038ae9
bb7d97eb19604573681684dfe0fef40692a943c29f59d11e7ba9eb39242e4e3b
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce84e8adbd54469d455f033b1f06bceef08f1d1c3f8e6a614f49ae86d7e695dc
d038096c8ae2c0550ae846757eaa5f3efd8d993748500578dab073d9554b9646
d212aeb9339ceea24a6beeda4b1b95f5814a257533e685150ca395f7191ce97b
d371be30037ed902af4d8f34fc18c94982dbbfbbde4348b35347e26092125caa
d9f71dd3ccccc4d1ccb51c2b42c4e68d6532144599dcaee0838fbf3d1b3746a8
d9fb611609ba692d8f7b21eaa854bb3ddd17a88374cc16504b44123d520afb99
da15a34222ec4090e6165fb1778f0b9fe6b7124b28e2bbf412fd904edc83c8da
dbea93fbfa852efd63250fd9333e7853caddeef8af3676565e047ecc861ddadd
dca7b23352f69a905b1c6f89962c9ecc49b1086a22fcd5e69858a8e3547f7f6d
de0432f861b6bd4cb88c6282f2b6b5b90903370f6c3c8498721037f48d333a3e
def0ff146145a12f6a7847920687731e6c3975e860dd405fd5a069e96ffbe7e1
e031307ddcda30e3aa2b2e3bd76f670af03ca6a92a02a0173b6e9857332a36e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e434c1242a58984eebb5b3b730c7452084d2e35e0e835d014aec35067e451663
e721a857616e84f98bd743e56dd8e1fb44104f621bab75b6502cf3ea78afa307
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43
fd43c41dc23b54388328c3e0833aedddaac3ae7babcc6d94d405d1f9aebb6b8d

www.timesnewspapers.com Open in urlscan Pro 192.104.183.109 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

81 Requests

99 %HTTPS

67 %IPv6

16 Domains

20 Subdomains

18 IPs

7 Countries

813 kBTransfer

2288 kBSize

1 Cookies

12 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.timesnewspapers.com Open in urlscan Pro
192.104.183.109 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

99 %
HTTPS

67 %
IPv6

16
Domains

20
Subdomains

18
IPs

7
Countries

813 kB
Transfer

2288 kB
Size

1
Cookies

81 HTTP transactions
2 data transactions