urlscan.io logo urlscan.io
SecurityTrails logo

www.newser.com Open in urlscan Pro
40.114.51.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.newser.com/
Effective URL: https://www.newser.com/
Submission: On April 27 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 9 countries across 80 domains to perform 385 HTTP transactions. The main IP is 40.114.51.62, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.newser.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 31st 2020. Valid for: a year.
This is the only time www.newser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 40.114.51.62 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
73 2620:1ec:bdf::45 8068 (MICROSOFT...)
60 2620:1ec:46::45 8068 (MICROSOFT...)
2 2606:2800:234... 15133 (EDGECAST)
1 50.16.249.42 14618 (AMAZON-AES)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 6 2620:116:800d... 16509 (AMAZON-02)
3 104.109.85.134 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.78.254.47 16509 (AMAZON-02)
2 169.50.137.179 36351 (SOFTLAYER)
3 2600:9000:20c... 16509 (AMAZON-02)
1 3 13.224.111.129 16509 (AMAZON-02)
1 2600:9000:20c... 16509 (AMAZON-02)
1 2.18.235.40 16625 (AKAMAI-AS)
1 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 107.23.67.161 14618 (AMAZON-AES)
9 10 3.120.52.76 16509 (AMAZON-02)
2 52.11.196.81 16509 (AMAZON-02)
6 6 18.156.0.31 16509 (AMAZON-02)
7 142.250.186.66 15169 (GOOGLE)
2 11 34.98.64.218 15169 (GOOGLE)
2 10 2.18.234.21 16625 (AKAMAI-AS)
1 185.255.84.151 200271 (IGUANE-)
1 178.162.133.150 60781 (LEASEWEB-...)
4 9 185.33.221.91 29990 (ASN-APPNEX)
1 18.194.69.169 16509 (AMAZON-02)
1 213.19.147.43 3356 (LEVEL3)
8 18.185.167.149 16509 (AMAZON-02)
1 178.250.0.165 44788 (ASN-CRITE...)
3 13.224.105.229 16509 (AMAZON-02)
8 34.200.78.134 14618 (AMAZON-AES)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 104.244.42.8 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
4 6 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 44.238.170.237 16509 (AMAZON-02)
16 24 159.253.128.188 36351 (SOFTLAYER)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 35.227.248.159 15169 (GOOGLE)
1 1 18.133.35.94 16509 (AMAZON-02)
1 1 18.194.113.221 16509 (AMAZON-02)
2 13.224.111.41 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
1 18.198.69.109 16509 (AMAZON-02)
2 3.217.41.235 14618 (AMAZON-AES)
1 23.45.99.241 16625 (AKAMAI-AS)
1 2 34.251.130.56 16509 (AMAZON-02)
1 2 216.52.2.19 30282 (AS-INAPCD...)
1 35.244.174.68 15169 (GOOGLE)
1 1 142.250.185.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.94.180.125 35220 (SPOTX-AMS)
2 69.173.144.138 26667 (RUBICONPR...)
19 21 142.250.186.98 15169 (GOOGLE)
1 2.18.232.130 16625 (AKAMAI-AS)
2 52.22.15.148 14618 (AMAZON-AES)
1 104.16.68.69 13335 (CLOUDFLAR...)
1 104.17.120.107 13335 (CLOUDFLAR...)
1 2 185.33.221.88 29990 (ASN-APPNEX)
7 10 63.33.11.43 16509 (AMAZON-02)
2 4 54.239.17.112 16509 (AMAZON-02)
1 18.235.163.155 14618 (AMAZON-AES)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 1 66.155.71.149 13768 (COGECO-PEER1)
1 52.58.127.188 16509 (AMAZON-02)
4 2.18.233.180 16625 (AKAMAI-AS)
4 104.111.230.142 16625 (AKAMAI-AS)
1 104.111.242.245 16625 (AKAMAI-AS)
1 1 13.224.111.115 16509 (AMAZON-02)
2 7 3.124.65.205 16509 (AMAZON-02)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 69.173.144.139 26667 (RUBICONPR...)
2 178.250.0.163 44788 (ASN-CRITE...)
2 213.155.156.169 1299 (TELIANET ...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.190.106 62713 (AS-PUBMATIC)
13 185.64.190.80 62713 (AS-PUBMATIC)
3 3 185.29.132.68 30419 (MEDIAMATH...)
6 6 37.157.6.251 198622 (ADFORM)
1 4 2a00:1288:110... 34010 (YAHOO-IRD)
4 185.64.189.114 62713 (AS-PUBMATIC)
2 2 18.192.249.156 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 64.202.112.63 23352 (SERVERCEN...)
1 2600:9000:20c... 16509 (AMAZON-02)
8 208.100.17.187 32748 (STEADFAST)
2 2 3.125.99.7 16509 (AMAZON-02)
2 2 54.194.211.3 16509 (AMAZON-02)
2 3 52.19.106.86 16509 (AMAZON-02)
1 1 23.79.143.124 16625 (AKAMAI-AS)
4 54.84.143.226 14618 (AMAZON-AES)
2 2 52.57.10.248 16509 (AMAZON-02)
1 1 88.214.206.142 46636 (NATCOWEB)
1 1 154.59.122.79 174 (COGENT-174)
385 91
5    40.114.51.62 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.newser.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
73    2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
static1-azrcdn.newser.com
img1-azrcdn.newser.com
60    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
static2-azrcdn.newser.com
img2-azrcdn.newser.com
2    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    50.16.249.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-249-42.compute-1.amazonaws.com
api.ipify.org
3    2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
6    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    104.109.85.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-85-134.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
2    2606:4700::6810:9e11 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.engine.4dsply.com
engine.4dsply.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadus.exelator.com
2    169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com
i.simpli.fi
3    2600:9000:20c8:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    13.224.111.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-129.mad50.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:20c8:bc00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
1    2a02:6ea0:c700::3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
load77.exelator.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700:3036::ac43:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)
rddywd.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
2    107.23.67.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-67-161.compute-1.amazonaws.com
ping.chartbeat.net
10    3.120.52.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    52.11.196.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-196-81.us-west-2.compute.amazonaws.com
usync.proper.io
6    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
7    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
11    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
propermedia-d.openx.net
us-u.openx.net
eu-u.openx.net
10    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
9    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    18.194.69.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-69-169.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
8    18.185.167.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
3    13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net
c.amazon-adsystem.com
8    34.200.78.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-78-134.compute-1.amazonaws.com
ssc.33across.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:400f:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.pl
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6116d3d949bda88a13307fdab1f05e8d.safeframe.googlesyndication.com
18    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
15    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2404:6800:4008:c07::78 (New Taipei, Taiwan)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    44.238.170.237 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-170-237.us-west-2.compute.amazonaws.com
bids.proper.io
24    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
um.simpli.fi
1    2600:1f18:612b:4264:7659:1bf:d736:fba9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    18.133.35.94 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    18.194.113.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    13.224.111.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-41.mad50.r.cloudfront.net
sync.intentiq.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadm.exelator.com
2    3.217.41.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-41-235.compute-1.amazonaws.com
sync.bfmio.com
1    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    34.251.130.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
2    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
21    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    52.22.15.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
1    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
1    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
10    63.33.11.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
4    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    18.235.163.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    52.58.127.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pre.ads.justpremium.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    13.224.111.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-115.mad50.r.cloudfront.net
ib.3lift.com
7    3.124.65.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-65-205.eu-central-1.compute.amazonaws.com
eb2.3lift.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.169 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com
d5p.de17a.com
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
13    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
3    185.29.132.68 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
4    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    18.192.249.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prod.perf-serving.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    2600:9000:20c8:5600:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
8    208.100.17.187 (United States)

ASN32748 (STEADFAST, US)
de.tynt.com
2    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
2    54.194.211.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.avct.cloud
3    52.19.106.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    54.84.143.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usr.undertone.com
2    52.57.10.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-10-248.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
Apex Domain
Subdomains		 Transfer
138 newser.com
www.newser.com
static1-azrcdn.newser.com
static2-azrcdn.newser.com
img2-azrcdn.newser.com
img1-azrcdn.newser.com
5 MB
32 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
153 KB
26 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
aud.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
64 KB
26 simpli.fi
i.simpli.fi
um.simpli.fi
15 KB
25 googlesyndication.com
pagead2.googlesyndication.com
6116d3d949bda88a13307fdab1f05e8d.safeframe.googlesyndication.com
tpc.googlesyndication.com
202 KB
15 ampproject.org
cdn.ampproject.org
314 KB
12 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
9 KB
11 openx.net
propermedia-d.openx.net
us-u.openx.net
eu-u.openx.net
3 KB
10 adsrvr.org
match.adsrvr.org
4 KB
10 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
7 KB
10 bidswitch.net
x.bidswitch.net
4 KB
9 rubiconproject.com
fastlane.rubiconproject.com Failed
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
22 KB
8 tynt.com
de.tynt.com
2 KB
8 3lift.com
ib.3lift.com
eb2.3lift.com
3 KB
8 33across.com
ssc.33across.com
5 KB
8 sharethrough.com
btlr.sharethrough.com
905 B
8 casalemedia.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
9 KB
7 google.com
adservice.google.com
www.google.com
631 B
7 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
36 KB
6 adform.net
c1.adform.net
3 KB
6 quantserve.com
secure.quantserve.com
pixel.quantserve.com
19 KB
6 proper.io
global.proper.io
usync.proper.io
bids.proper.io Failed
eb.proper.io
89 KB
5 undertone.com
cdn.undertone.com
usr.undertone.com
3 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 semasio.net
uipglob.semasio.net
2 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 criteo.com
bidder.criteo.com
dis.criteo.com
752 B
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 quantcount.com
rules.quantcount.com
1 KB
3 exelator.com
loadus.exelator.com
load77.exelator.com
loadm.exelator.com
1 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
132 KB
2 advertising.com
pixel.advertising.com
677 B
2 avct.cloud
ads.avct.cloud
888 B
2 w55c.net
pm.w55c.net
1 KB
2 perf-serving.com
prod.perf-serving.com
1 KB
2 zeotap.com
mwzeom.zeotap.com
984 B
2 de17a.com
d5p.de17a.com
268 B
2 mantisadnetwork.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
722 B
2 indexww.com
js-sec.indexww.com
2 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 lijit.com
ce.lijit.com
968 B
2 crwdcntrl.net
bcp.crwdcntrl.net
977 B
2 bfmio.com
sync.bfmio.com
421 B
2 pro-market.net
fei.pro-market.net
852 B
2 intentiq.com
sync.intentiq.com
2 agkn.com
aa.agkn.com
d.agkn.com
957 B
2 tapad.com
pixel.tapad.com
906 B
2 chartbeat.net
ping.chartbeat.net
337 B
2 rddywd.com
rddywd.com
1 KB
2 gstatic.com
fonts.gstatic.com
csi.gstatic.com
16 KB
2 facebook.net
connect.facebook.net
67 KB
2 4dsply.com
cdn.engine.4dsply.com
engine.4dsply.com
77 KB
2 addthis.com
s7.addthis.com
190 KB
2 googleapis.com
fonts.googleapis.com
www.googleapis.com
1 KB
1 acuityplatform.com
ums.acuityplatform.com
706 B
1 admanmedia.com
cs.admanmedia.com
413 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 bing.com
c.bing.com
444 B
1 teads.tv
sync.teads.tv
1 KB
1 justpremium.com
pre.ads.justpremium.com
4 KB
1 sitescout.com
pixel-sync.sitescout.com
299 B
1 rfihub.com
p.rfihub.com
771 B
1 adentifi.com
rtb.adentifi.com
88 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 google.de
www.google.de
64 B
1 googleadservices.com
www.googleadservices.com
23 B
1 rlcdn.com
idsync.rlcdn.com
66 B
1 bluekai.com
stags.bluekai.com
745 B
1 tremorhub.com
simplifi.partners.tremorhub.com
183 B
1 google.pl
adservice.google.pl
799 B
1 districtm.io
dmx.districtm.io Failed
cdn.districtm.io
1 1rx.io
tag.1rx.io
170 B
1 emxdgt.com
hb.emxdgt.com
159 B
1 sonobi.com
apex.go.sonobi.com
614 B
1 omnitagjs.com
hb-api.omnitagjs.com
758 B
1 addthisedge.com
v1.addthisedge.com
556 B
1 moatads.com
z.moatads.com
1 KB
1 chartbeat.com
static.chartbeat.com
14 KB
1 ipify.org
api.ipify.org
254 B
385 80
Domain Requested by
69 img1-azrcdn.newser.com www.newser.com
static1-azrcdn.newser.com
59 img2-azrcdn.newser.com www.newser.com
static1-azrcdn.newser.com
24 um.simpli.fi 16 redirects ads.pubmatic.com
21 cm.g.doubleclick.net 19 redirects eb2.3lift.com
eu-u.openx.net
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.newser.com
cdn.ampproject.org
tpc.googlesyndication.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
10 match.adsrvr.org 7 redirects ssum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
10 x.bidswitch.net 9 redirects ads.pubmatic.com
9 ib.adnxs.com 4 redirects global.proper.io
eb2.3lift.com
cdn.undertone.com
8 de.tynt.com global.proper.io
8 ssc.33across.com global.proper.io
8 btlr.sharethrough.com global.proper.io
7 simage2.pubmatic.com ads.pubmatic.com
7 eb2.3lift.com 2 redirects global.proper.io
eb2.3lift.com
7 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
www.newser.com
6 c1.adform.net 6 redirects
6 image2.pubmatic.com ads.pubmatic.com
6 www.google.com 4 redirects www.newser.com
6 ups.analytics.yahoo.com 6 redirects
6 pagead2.googlesyndication.com www.newser.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 eu-u.openx.net 1 redirects global.proper.io
eu-u.openx.net
5 us-u.openx.net 1 redirects eu-u.openx.net
5 www.newser.com 1 redirects www.newser.com
static1-azrcdn.newser.com
4 usr.undertone.com cdn.undertone.com
4 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
eu-u.openx.net
4 visitor.fiftyt.com 4 redirects
4 uipglob.semasio.net 2 redirects ads.pubmatic.com
4 eus.rubiconproject.com global.proper.io
eus.rubiconproject.com
cdn.undertone.com
4 ads.pubmatic.com global.proper.io
ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
eb2.3lift.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 googleads.g.doubleclick.net 1 redirects www.newser.com
4 pixel.quantserve.com 1 redirects www.newser.com
mantodea.mantisadnetwork.com
4 static1-azrcdn.newser.com www.newser.com
3 match.prod.bidr.io 2 redirects eu-u.openx.net
3 sync.mathtag.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 c.amazon-adsystem.com global.proper.io
c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects www.newser.com
3 rules.quantcount.com secure.quantserve.com
2 simage4.pubmatic.com ads.pubmatic.com
2 pixel.advertising.com 2 redirects
2 ads.avct.cloud 2 redirects
2 pm.w55c.net 2 redirects
2 prod.perf-serving.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 aud.pubmatic.com ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 d5p.de17a.com ads.pubmatic.com
2 dis.criteo.com ads.pubmatic.com
2 token.rubiconproject.com eus.rubiconproject.com
2 image6.pubmatic.com ads.pubmatic.com
2 secure.adnxs.com 1 redirects
2 js-sec.indexww.com global.proper.io
ssum-sec.casalemedia.com
2 pixel.rubiconproject.com cdn.undertone.com
2 sync.search.spotxchange.com 1 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 sync.bfmio.com global.proper.io
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com
2 pixel.tapad.com 1 redirects
2 usync.proper.io www.newser.com
2 ping.chartbeat.net www.newser.com
2 rddywd.com www.newser.com
2 i.simpli.fi www.newser.com
i.simpli.fi
2 connect.facebook.net www.newser.com
connect.facebook.net
2 s7.addthis.com www.newser.com
s7.addthis.com
2 secure.quantserve.com www.newser.com
mantodea.mantisadnetwork.com
2 global.proper.io www.newser.com
global.proper.io
2 platform.twitter.com static1-azrcdn.newser.com
platform.twitter.com
1 ums.acuityplatform.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 cdn.undertone.com global.proper.io
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 ib.3lift.com 1 redirects
1 sync.teads.tv global.proper.io
1 pre.ads.justpremium.com global.proper.io
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 pixel-sync.sitescout.com 1 redirects
1 p.rfihub.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 biddr.brealtime.com global.proper.io
1 cdn.districtm.io global.proper.io
1 mantodea.mantisadnetwork.com global.proper.io
1 acdn.adnxs.com global.proper.io
1 www.google.de
1 www.googleadservices.com 1 redirects
1 idsync.rlcdn.com
1 stags.bluekai.com
1 loadm.exelator.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 csi.gstatic.com cdn.ampproject.org
1 6116d3d949bda88a13307fdab1f05e8d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.pl securepubads.g.doubleclick.net
1 eb.proper.io global.proper.io
1 syndication.twitter.com platform.twitter.com
1 hbopenbid.pubmatic.com global.proper.io
1 bidder.criteo.com global.proper.io
1 tag.1rx.io global.proper.io
1 hb.emxdgt.com global.proper.io
1 apex.go.sonobi.com global.proper.io
1 hb-api.omnitagjs.com global.proper.io
1 as-sec.casalemedia.com global.proper.io
1 propermedia-d.openx.net global.proper.io
1 bids.proper.io global.proper.io
1 v1.addthisedge.com s7.addthis.com
1 www.googleapis.com www.newser.com
1 load77.exelator.com www.newser.com
1 z.moatads.com s7.addthis.com
1 static.chartbeat.com www.newser.com
1 engine.4dsply.com cdn.engine.4dsply.com
1 loadus.exelator.com www.newser.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.engine.4dsply.com www.newser.com
1 api.ipify.org static1-azrcdn.newser.com
1 static2-azrcdn.newser.com www.newser.com
1 fonts.googleapis.com www.newser.com
0 fastlane.rubiconproject.com Failed global.proper.io
0 dmx.districtm.io Failed global.proper.io
385 125

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.microsoft.com
Subject Issuer Validity Valid
*.newser.com
Go Daddy Secure Certificate Authority - G2		 2020-12-31 -
2022-02-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
static1-azrcdn.newser.com
DigiCert SHA2 Secure Server CA		 2020-09-27 -
2021-09-27		 a year crt.sh
static2-azrcdn.newser.com
DigiCert SHA2 Secure Server CA		 2020-09-27 -
2021-09-27		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2021-01-19 -
2022-02-19		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
img2-azrcdn.newser.com
DigiCert SHA2 Secure Server CA		 2020-09-27 -
2021-09-27		 a year crt.sh
img1-azrcdn.newser.com
DigiCert SHA2 Secure Server CA		 2020-09-27 -
2021-09-27		 a year crt.sh
4dsply.com
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2020-06-01 -
2021-06-02		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
1605158521.rsc.cdn77.org
R3		 2021-03-17 -
2021-06-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-11 -
2021-08-11		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2021-06-18		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.google.pl
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.intentiq.com
Amazon		 2021-04-04 -
2022-05-03		 a year crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2020-11-13 -
2021-12-12		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
*.undertone.com
Amazon		 2020-12-11 -
2022-01-09		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io
Amazon		 2020-11-18 -
2021-12-18		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh

This page contains 34 frames:

Primary Page: https://www.newser.com/
Frame ID: EEC530AEA2722C2EA275E639D8B8E9C6
Requests: 236 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Fwww.newser.com
Frame ID: 786B1F33DF22EAB6FCF5260B84651CF2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs
Frame ID: 5E26302E4BF06DA183E7EF2E57D47983
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Frame ID: 139FA72F03E7EA5B32D940C50D9862F5
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Frame ID: 2A1458186A2F7A11CA92B011D58186CB
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 9FD67456255B0D72D57682139D4D7494
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: ACD1D0D388DDEAEB188DBAF0E6C1593F
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 98714988566C8D0D0ED4B36F68E7D196
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1619494342527&secure=true&version=9&mobile=false&title=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&url=https%3A%2F%2Fwww.newser.com%2F
Frame ID: 68D0AB731FD7B00903F9886E4B03ECB5
Requests: 5 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 4AAB6E5B886A674D51E797E1C794E2C0
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 5DF489B87590116CD6C7BD0F8546D51F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 4B59A1EB939378CE4890A4D3F082446C
Requests: 10 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=abugyvh1619494342793
Frame ID: 378AB99820EDE5F5361E6FCDAC1D4EDC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1183E72FC0A44D4DEF1FEC175D586018
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 31DFEB2AD26DF6983DA4C4A5E657C62D
Requests: 3 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Frame ID: F113766C3A6C694BC42E3FADA7AD5715
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 45027C83AA76857214AE912E1DA7F9EB
Requests: 11 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F322C50B2ABD1AE90DA40082FE798D8C
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: ADBB2E160C161B9CAF4A745395DB74C6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: B39D0CCF4D5EAF7C48CA7558379F8FD2
Requests: 7 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Frame ID: F45391F9A7629CC8650F9B7C52656A29
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 24813D385EA97EA50BD5FEE43C21C85F
Requests: 17 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Frame ID: BBE2254A7F8B4CFD612B83C8F8EA0AF8
Requests: 11 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aAb9LgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: E3B46BB8BAA6372657BF9174EBE68BB2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: B71B7506BF4857976A28F746614A985C
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5DCDAE88518D9C396BB830760F5095DB
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 562DD1260CEFDD00A842A3931F7C67AE
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aQZNIebZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 2E9D7BC398F54043B5DB49DA7F3CD181
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aYM3dqbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 109C6167973EB663CBF12C8022428423
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aVbmTmbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 40B877173951186587E99C1321170768
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=auLbLMbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 9629CFE1A44A61212CDEB26FEC41C3E5
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aIsVNgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: B29B10469C6E5AD1D7BE89B8DE296319
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aMI2rSbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: F5DF03A2BB6DF219B3EBA96700695A99
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aEhRN6bZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 0A2F250ACE4536DDB2637C7406B03A7D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.newser.com/ HTTP 301
    https://www.newser.com/ Page URL

Page Statistics

385
Requests

99 %
HTTPS

28 %
IPv6

80
Domains

125
Subdomains

91
IPs

9
Countries

6641 kB
Transfer

9837 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.newser.com/ HTTP 301
    https://www.newser.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D699b1db2-e77d-424d-98d7-091d4c6f621a%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_97b9efe7_355918fd_1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D699b1db2-e77d-424d-98d7-091d4c6f621a%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_97b9efe7_355918fd_1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=699b1db2-e77d-424d-98d7-091d4c6f621a&uid=394c0077-63e1-443c-a271-99c34be98bcc
Request Chain 117
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4b7f05c4_3edc92a2_2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4b7f05c4_3edc92a2_2&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-z6gjY0FE2uFq2Z78LnhvUrDjiZCBRTKI~A
Request Chain 149
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1619494342888&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1619494342888&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
Request Chain 220
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 244
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 245
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 258
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=FA568737D7F04A39A9BA953054430ECC
Request Chain 259
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=FA568737D7F04A39A9BA953054430ECC HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FA568737D7F04A39A9BA953054430ECC
Request Chain 260
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=FA568737D7F04A39A9BA953054430ECC HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1619494347&ip=37.120.211.132&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164851003769000035736 HTTP 302
  • https://um.simpli.fi/aa_px?sk=164851003769000035736
Request Chain 262
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FA568737D7F04A39A9BA953054430ECC
Request Chain 265
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=FA568737D7F04A39A9BA953054430ECC;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=FA568737D7F04A39A9BA953054430ECC;mimetype=img;sr HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=1783047598138805888
Request Chain 266
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=FA568737D7F04A39A9BA953054430ECC&j=0
Request Chain 268
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=FA568737D7F04A39A9BA953054430ECC
Request Chain 269
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=FA568737D7F04A39A9BA953054430ECC
Request Chain 270
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=FA568737D7F04A39A9BA953054430ECC HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FA568737D7F04A39A9BA953054430ECC
Request Chain 271
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FA568737D7F04A39A9BA953054430ECC HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=FA568737D7F04A39A9BA953054430ECC&dnr=1
Request Chain 272
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=FA568737D7F04A39A9BA953054430ECC
Request Chain 273
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1619494347262&cv=7&fst=1619494347262&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=324453725&cv=7&fst=1619494347262&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=y4WHYJT9FZ6j7_UPmqWL4AQ&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=324453725&cv=7&fst=1619494347262&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=y4WHYJT9FZ6j7_UPmqWL4AQ&cid=CAQSKQCNIrLMwIp2qXiQjrdo_cVUZpAF8TsUAn-6zkN6GR2z5Uhem86FUsvW&random=1091364514 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=324453725&cv=7&fst=1619494347262&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=y4WHYJT9FZ6j7_UPmqWL4AQ&cid=CAQSKQCNIrLMwIp2qXiQjrdo_cVUZpAF8TsUAn-6zkN6GR2z5Uhem86FUsvW&random=1091364514&ipr=y
Request Chain 274
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=FA568737D7F04A39A9BA953054430ECC HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=FA568737D7F04A39A9BA953054430ECC&__user_check__=1&sync_id=3094924e-a709-11eb-b0ad-155da6fd0106
Request Chain 275
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=FA568737D7F04A39A9BA953054430ECC
Request Chain 276
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FA568737D7F04A39A9BA953054430ECC&expires=365
Request Chain 277
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=FA568737D7F04A39A9BA953054430ECC
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEBp2Qo3XPD-N6RIUzDB6Rdc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA568737D7F04A39A9BA953054430ECC HTTP 302
  • https://um.simpli.fi/g_match?id=
Request Chain 287
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 288
  • https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
  • https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Request Chain 289
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIeFzbHLhFuPJgdDdZtULQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL2ksIdCtBTwwTq2jItzN74&google_cver=1
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIeFzbHLhFuPJgdDdZtULQAABLUAAAAB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YIeFzbHLhFuPJgdDdZtULQAABLUAAAAB&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKa8y7fJt8axwzx_OTbccHM&google_cver=1
Request Chain 292
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIeFzbHLhFuPJgdDdZtULQAABLUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIeFzbHLhFuPJgdDdZtULQAABLUAAAAB&dcc=t
Request Chain 294
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YIeFzbHLhFuPJgdDdZtULQAA%261205 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YIeFzbHLhFuPJgdDdZtULQAA%261205
Request Chain 295
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739026286350479
Request Chain 296
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622086349
Request Chain 299
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=6a29a4ac-32c1-4184-a96e-95744166ca2c
Request Chain 306
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DQcnBDw8TOarLBX3C7SEsA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 314
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 315
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&addseg=21
Request Chain 316
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEQwNzI3MDQtM0MzQy00Q0U2LUFCMkMtMTVGNzBCQjQ4NEIw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFYIb4P6drpkxWNYeGqKU4k&google_cver=1
Request Chain 319
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:22286087-85ce-4700-b23f-e537115f5715&gdpr=0&gdpr_consent=
Request Chain 320
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3996633480376740204
Request Chain 321
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6a29a4ac-32c1-4184-a96e-95744166ca2c
Request Chain 322
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4362628138997400124&gdpr=0&gdpr_consent=
Request Chain 324
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0SqzvnZE2uVr5aDH0DvxPqJ7nWQFTHQ-~A&gdpr=0&gdpr_consent=
Request Chain 325
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=c647e42d-1250-4631-8c5e-1e4fe110bed2&ssp=pubmatic&user_group=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=366&expires=14&user_id=c647e42d-1250-4631-8c5e-1e4fe110bed2&ssp=pubmatic&user_group=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca99a85e-ff88-4b37-8e55-0f72b3c8a270&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJuNX0d-MRIw0UN4UlUuCO8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 328
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYyMTk3ODU4Mzc5NTY0NTE2MQ%3D%3D
Request Chain 330
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2621978583795645161?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-VF5gsZZE2oT99bkQGq4reW_BtO.mt_q5kf9JC6EnLA--~A&dongle=0883
Request Chain 331
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4362628138997400124&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 332
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2621978583795645161 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2621978583795645161&dcc=t
Request Chain 333
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 339
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Request Chain 343
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QbXWE2Ps1LBesE5
Request Chain 344
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=16122757-8bd9-4419-8bf2-3ed30e67139e&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=ca99a85e-ff88-4b37-8e55-0f72b3c8a270
Request Chain 345
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHcEswN0JEd3dBQUNzcnRRSjF1dw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 346
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=20986087-85cf-4a00-9f6f-84600926b913
Request Chain 347
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=tEQ_vrpBY7mvRDC-5xUq6uNHZuqvQWG45EUOK0x1
Request Chain 348
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3714429003386952436
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWQyOTM2ZDAtZGNiYS02MWQ5LTY4N2QtYjg1N2VjMDE2NzY2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWQyOTM2ZDAtZGNiYS02MWQ5LTY4N2QtYjg1N2VjMDE2NzY2&google_tc=
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOf9tH0KWjchgP6QwHqOsU&google_cver=1
Request Chain 352
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 354
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=8a2b823d-1562-031e-1718-fd29d14f8954
Request Chain 355
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP33418bd1-a709-11eb-b653-0283ac77b496 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-RIhWlFtE2uEVPuENMoXOEmZVbgzHFu7b~A~UP33418bd1-a709-11eb-b653-0283ac77b496
Request Chain 356
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=5ae81d0d-3d7e-4b6a-aeb7-93b50cf5becf&ttl=1622086352
Request Chain 358
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=5651f3b5ad495670b9e8afea73c65f3ac93e884f
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOW5SQF5u2eg5wiRHJB7_gs&google_cver=1
Request Chain 362
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8cbf6087-85cf-4300-85f2-0f86229f07b1&gdpr=0&gdpr_consent=
Request Chain 364
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3979682817167768895
Request Chain 365
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69af026e-1af6-41a9-b4e0-8e7cf05e6fc1
Request Chain 366
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2983638079502412303&gdpr=0&gdpr_consent=
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4UxGyPZlQk-95_q9QBWbag%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4UxGyPZlQk-95_q9QBWbag%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 369
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E14C46C8-F665-424F-BDE7-FABD40159B6A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E14C46C8-F665-424F-BDE7-FABD40159B6A&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 370
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E14C46C8-F665-424F-BDE7-FABD40159B6A&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E14C46C8-F665-424F-BDE7-FABD40159B6A&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E14C46C8-F665-424F-BDE7-FABD40159B6A&addseg=21
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTE0QzQ2QzgtRjY2NS00MjRGLUJERTctRkFCRDQwMTU5QjZB&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTE0QzQ2QzgtRjY2NS00MjRGLUJERTctRkFCRDQwMTU5QjZB&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 373
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E14C46C8-F665-424F-BDE7-FABD40159B6A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rf9hcGJE2uVYvudOCVEzZvC6uee44.M-~A&gdpr=0&gdpr_consent=
Request Chain 374
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=ca99a85e-ff88-4b37-8e55-0f72b3c8a270&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=575301050043&expires=30&user_group=1&ssp=Pubmatic

385 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.newser.com/
Redirect Chain
  • http://www.newser.com/
  • https://www.newser.com/
245 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e6eb1b23f149d1fe11392b8d0bf97a03ba5b37e8c05362f51255f4fa07ad537

Request headers

Host
www.newser.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
private, no-store
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Tue, 27 Apr 2021 03:31:21 GMT
Vary
Accept-Encoding
Scheme
https
RawURL
/
Set-Cookie
ASP.NET_SessionId=0yjqj4kz5v3lzywm10dra5xj; path=/; HttpOnly; SameSite=Lax USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454566181; expires=Fri, 25-Apr-2031 03:32:22 GMT; path=/; secure; SameSite=Lax USERSETTINGS=; expires=Mon, 26-Apr-2021 03:32:22 GMT; path=/; secure; SameSite=Lax
Date
Tue, 27 Apr 2021 03:32:22 GMT

Redirect headers

Location
https://www.newser.com/
Scheme
http
RawURL
/
Date
Tue, 27 Apr 2021 03:32:20 GMT
Content-Length
0
css
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
871a8f1084b6a27c4a67c854ba86e745d89be827f9bbc9057cbf3e535722cee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 02:28:03 GMT
server
ESF
date
Tue, 27 Apr 2021 03:32:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Apr 2021 03:32:22 GMT
stylesheet.ashx
static1-azrcdn.newser.com/stylesheets/20210409_1520/ 		130 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1345fd31c871f1be80924e6020298e182023f420b49e740bed5903748fc27546

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
content-encoding
br
x-azure-ref-originshield
0eq6GYAAAAAAz7s6WfuF1SrFYJmCKLC81TE9OMjFFREdFMDExMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
x-azure-ref
0xoWHYAAAAAA5iEZNQQSfR4YS7q/BFFiaRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
text/css; charset=utf-8
cache-control
public, max-age=2592000
scheme
https
jquery-1.12.4.min.js
static1-azrcdn.newser.com/javascript/20210409_1520/ 		114 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1-azrcdn.newser.com/javascript/20210409_1520/jquery-1.12.4.min.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
content-encoding
br
last-modified
Fri, 04 Dec 2020 19:36:38 GMT
x-azure-ref-originshield
0M+OAYAAAAACIf/B/SEmwTodkSQ5Z1nOrTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADhRBIqYPxiQbt7onXyN0FSRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
text/javascript
cache-control
max-age=604800
accept-ranges
bytes
javascript.ashx
static1-azrcdn.newser.com/javascript/20210409_1520/ 		207 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1-azrcdn.newser.com/javascript/20210409_1520/javascript.ashx?file=newser.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f94014e7f3634aaa24b7c42f84bbc32da785c6ad42fd229674be824922349e6

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
content-encoding
br
x-azure-ref-originshield
0mAWHYAAAAABzfHW0USoiSoJA9ugF/76RTE9OMjFFREdFMTUyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/javascript/20210409_1520/javascript.ashx?file=newser.js
x-azure-ref
0xoWHYAAAAAAvIbyQjwdmSoQSkJWdIcWWRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2592000
scheme
https
modernizr-custom.js
static2-azrcdn.newser.com/javascript/20210409_1520/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static2-azrcdn.newser.com/javascript/20210409_1520/modernizr-custom.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield
0AHiGYAAAAABE/T2EkGmeRK6rosW/0NkgTE9OMjFFREdFMDIxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADdfvYR5+d4T4l+bdU2b+GfRlJBRURHRTEwMTgAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
text/javascript
cache-control
max-age=604800
accept-ranges
bytes
jcarousel_min.js
static1-azrcdn.newser.com/javascript/20210409_1520/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1-azrcdn.newser.com/javascript/20210409_1520/jcarousel_min.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 18:04:17 GMT
x-azure-ref-originshield
0FXSFYAAAAAD0E5Q5fBmcRa+vxthSssQMTE9OMjFFREdFMTUxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAACxSwD897Y5Sp/oQ0z+g2c5RlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
text/javascript
cache-control
max-age=604800
accept-ranges
bytes
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210409_1520/javascript.ashx?file=newser.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
501ed6f37588ea4083347c8c1b9fd9bfbc560f8f9977aa2847749e0977063f6c

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 22:47:45 GMT
Server
ECS (frb/67AA)
Age
104
Etag
"f8e2082c1f210ffae5a2de107bd73ffc+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28769
/
api.ipify.org/ 		23 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210409_1520/jquery-1.12.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.249.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-249-42.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
751026cf2fbef8b1adfdd961cc9e16dd130a85036b3351c1e8ad3c39e957cb9f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:22 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.newser.com
Connection
keep-alive
Content-Length
23
newser.min.js
global.proper.io/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/newser.min.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53730a7fbcb3223f91059fe2cb0ed31fc1a9280048fea7f62cd0f047c4c2d3d2

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Apr 2021 14:07:46 GMT
server
cloudflare
age
307380
etag
W/"6082d4b2-5e6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6464fbb77a072bf2-FRA
cf-request-id
09b2fba6af00002bf2e2abe000000001
expires
Tue, 27 Apr 2021 03:37:22 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
content-encoding
gzip
etag
"9iaPKZLFg6XYoMRMhilE8g=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 04 May 2021 03:32:22 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-85-134.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
date
Tue, 27 Apr 2021 03:32:22 GMT
x-host
s7.addthis.com
content-length
116325
Back-Arrow-Button2.png
img2-azrcdn.newser.com/images/header/ 		271 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/Back-Arrow-Button2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
03M6GYAAAAACqS2n3u4r0S589d7pWYW/sTE9OMjFFREdFMDIyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAAChlfpTN3mXT5lsnidirGVMRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
271
logo_white_text4.png
img1-azrcdn.newser.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/logo_white_text4.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Sat, 08 Aug 2020 15:47:42 GMT
x-azure-ref-originshield
0u9SGYAAAAAC+hN7u3l4NQY73+Nz6OyTHTE9OMjFFREdFMTUxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADjRC+WZ+NSSYGRxpGDyJHkRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
5004
menu2.png
img1-azrcdn.newser.com/images/header/ 		265 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/menu2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0FAeHYAAAAADC4F52HijzQYFyzjIOahV4TE9OMjFFREdFMDIxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAABJSvBMgZzjS7nZEVdrkiiKRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
265
next-active.png
img1-azrcdn.newser.com/images/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/next-active.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0ruaAYAAAAABW6XC3B/JFTK3TFfjgb8PiTE9OMjFFREdFMDIxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADMgaL/ux3sQ7ZQbS1kHAYLRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1304
next-inactive.png
img1-azrcdn.newser.com/images/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/next-inactive.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0YgaBYAAAAACkGk40VgtTSIJnNlJpOg1NTE9OMjFFREdFMDEyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAAB1DpwoHHX3TLECIlqUOhFGRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1096
prev-active.png
img1-azrcdn.newser.com/images/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/prev-active.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0AWeGYAAAAAD/HwjhOkP5QZ2v5bX+N01eTE9OMjFFREdFMDIxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAABD0MpSw8m3TrkNHIuZcwIvRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1295
prev-inactive.png
img1-azrcdn.newser.com/images/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/prev-inactive.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0FAeHYAAAAACl/HauWshIT58Aj5IYSWeDTE9OMjFFREdFMDEwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAAAEJeDL/0CcT7/ncv+//uvyRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1071
spacer.gif
img1-azrcdn.newser.com/images/ 		43 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/spacer.gif
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
00JaAYAAAAABOmD8e98lUQp1YduPg3iEBTE9OMjFFREdFMDExOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAABosg4SkqmoTauPXw/y08uxRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
43
Suggest_Icon.png
img1-azrcdn.newser.com/images/ 		723 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/Suggest_Icon.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield
0GQaBYAAAAAB0Wu5M+5bfSYETPIzx0a1vTE9OMjFFREdFMDExNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADpolpiQliSS7Qyfqfnp/FCRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
723
Apple.png
img1-azrcdn.newser.com/images/footer/ 		511 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/footer/Apple.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
03M6GYAAAAAAy7Nz0f9a4Qbgpfrrh4nrYTE9OMjFFREdFMDExMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAAAnFmIXFGIoSppMTntMF+lfRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
511
Android.png
img1-azrcdn.newser.com/images/footer/ 		647 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/footer/Android.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0HQmHYAAAAADdkED41Qw+T6OD6jNDjs+JTE9OMjFFREdFMDIyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADBn3HaAySYTYlX5dPDe8njRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
647
Windows.png
img1-azrcdn.newser.com/images/footer/ 		573 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/footer/Windows.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0HyaHYAAAAABCDPwGTQAOQqYVKRbwgn8CTE9OMjFFREdFMDExOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADMnxSjZ2ZsRZfRf8Mx/QJSRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
573
icon-72r2.png
img2-azrcdn.newser.com/images/pwa/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/pwa/icon-72r2.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:15 GMT
x-azure-ref-originshield
08QeHYAAAAAC/67Jt3UBhS7A7aVOSKIFJTE9OMjFFREdFMDExMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAABWtUvgveeLRordtfc7Kim6RlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2120
logo-newser-top.jpg
img2-azrcdn.newser.com/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/logo-newser-top.jpg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield
0DGiGYAAAAAD6+kBQFJZ2TJWQSO/2pnGhTE9OMjFFREdFMDExOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADaJJ5mYRuwQ5F8FLjVaZVoRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
28636
infinity.js.aspx
cdn.engine.4dsply.com/Scripts/ 		179 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dbf17b9ee0457f6761fad5df3c49d061ed508a5b1b6980042a565c4c26bc7ad4

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
content-encoding
gzip
cf-cache-status
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
age
17
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
cache-control
public, no-transform, max-age=900
cf-ray
6464fbb7aaefdfbf-FRA
content-type
application/x-javascript; charset=utf-8
cf-request-id
09b2fba6c70000dfbf6bb6a000000001
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b141d1ed2adea27c209c5a4ac35ea4f98c138e38b182932b1e8357304d9a5615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sqrhHoKo5CEaCMaw3MdKZQ==
cross-origin-resource-policy
cross-origin
expires
Tue, 27 Apr 2021 03:42:36 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
dXj9Qqw1VPB7k1jZ8EjwfozwQitpIUqJZ7DccvJsZIi4by+4d81mTs5zgsz1Xc6+HHKhy8+GUOS3I2mHqCnfiA==
x-fb-trip-id
686109401
x-fb-content-md5
65ff2be0e7b93f65f3e4f6b75deb6956
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 27 Apr 2021 03:32:22 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"34934055151c45ab77dc8252f3e29e34"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
newsern2.png
img2-azrcdn.newser.com/images/header/ 		782 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/newsern2.png
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0DWiGYAAAAABC+rRTTPH0TrQos/rG2ENdTE9OMjFFREdFMDIxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAAA+HErM1b5SRq3umIfxWNscRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
782
triangle_white_down.svg
img1-azrcdn.newser.com/images/header/ 		618 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/triangle_white_down.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0jw6BYAAAAAAq6NCU6W5sQoEH4M/vUqL1TE9OMjFFREdFMDIwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADLz5QqxcZ5RohnJWOl+AYjRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
618
user_white.svg
img2-azrcdn.newser.com/images/header/ 		1 KB
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/user_white.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
content-encoding
br
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
03c6GYAAAAADuNVEt8fThT55oSlVEDAYCTE9OMjFFREdFMTUxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAABo7W0BNCB4R7iw1ugCiIPgRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
search_white.svg
img2-azrcdn.newser.com/images/header/ 		916 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/search_white.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
07w6HYAAAAACQ9pjJv/SASKFReC8p46uRTE9OMjFFREdFMDIyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAACTbuPC0rWzQ7sjSEPbBCeqRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
916
info-white.png
img2-azrcdn.newser.com/images/header/ 		433 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/info-white.png
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0g3iGYAAAAACJagalLg4lSIMQcIM1Rq7qTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAAC0oIdDEwmSQpnKGhO2YQetRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
433
settings2-white.jpg
img1-azrcdn.newser.com/images/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/header/settings2-white.jpg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0u9SGYAAAAABo0Ifj8mENT5G3xwf9KEfVTE9OMjFFREdFMDIxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAAD2m3ffMgfeTJ3HZApdgSJuRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
1244
newsletter_white.svg
img2-azrcdn.newser.com/images/header/ 		912 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/header/newsletter_white.svg
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/stylesheets/20210409_1520/stylesheet.ashx?file=responsive.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec

Request headers

Referer
https://static1-azrcdn.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:13 GMT
x-azure-ref-originshield
0qbaFYAAAAAClHZZqM142QK0jPg7PBARYTE9OMjFFREdFMTUxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADOT5+blgVDS4cl+uzqfMFMRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
912
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,100,100italic,300,300italic,500,500italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.newser.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
388613
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:29 GMT
calendar_close.png
img1-azrcdn.newser.com/images/ 		303 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/calendar_close.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield
0r+aAYAAAAAAPW3KelqcMQa9iyFqF7bhiTE9OMjFFREdFMTUwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAACZSZFR+KVgQ7aJuTAkTnSqRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
303
left_month.png
img1-azrcdn.newser.com/images/ 		274 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/left_month.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:08 GMT
x-azure-ref-originshield
0HgmHYAAAAACqvkmho+dCTIkI1GX8Cll1TE9OMjFFREdFMDExMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAACvEyj33NA3TrISWqIVtoMaRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
274
right_month.png
img2-azrcdn.newser.com/images/ 		259 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/right_month.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
0HyaHYAAAAAB/jOBa4nvzQK5cRGL0IDOcTE9OMjFFREdFMTUyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADZ8GoI5vbXTqGwZ4GrxXoJRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
259
sdk.js
connect.facebook.net/en_US/ 		218 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=479d9fab0bac58c42eab5000d097a8ef&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
731224af03a86538e1bb908a3b7eccb1fc7d01cb2b48a5b85aaf0708f9618c5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.newser.com
Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
lgKVKAa5d2ISWcV9ZNNIAw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66008
x-fb-rlafr
0
x-fb-debug
OnVrtD0qmS8GPkKRlu9YhFW3O5tr4M/jPncyEiqFxafKlMivpTlAG6tpnvvHiKddnKecN+QNZS74Cb1XWMJvGg==
x-fb-content-md5
9682deecbe1c539ba94a36e5760d1826
x-frame-options
DENY
date
Tue, 27 Apr 2021 03:32:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"6ad715057964d23693f5dfa77064cc85"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 00:18:58 GMT
latest.js
global.proper.io/payloads/ 		319 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/newser.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Jan 2021 15:33:24 GMT
server
cloudflare
age
3047401
etag
W/"5fff12c4-4fbd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6464fbb7aa312bf2-FRA
cf-request-id
09b2fba6c600002bf2c73ca000000001
expires
Tue, 27 Apr 2021 03:37:22 GMT
Grid_Icon.png
img2-azrcdn.newser.com/images/ 		202 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/Grid_Icon.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield
0g3iGYAAAAACS9tqsqL6yRLnVHjisVsf6TE9OMjFFREdFMDIxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAACOM/g+Eh7ER55w0sK+V5SKRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
202
Popular_Icon.png
img1-azrcdn.newser.com/images/ 		1005 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/Popular_Icon.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:09 GMT
x-azure-ref-originshield
063eFYAAAAADOZHIul2eBSIFYowMOrebDTE9OMjFFREdFMTUxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAABw5dmcaeY1Qqtfonot6MVeRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1005
guest-essay-replaces-op-ed-at-times.jpeg
img2-azrcdn.newser.com/square-image/305411-20210426195812-M/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305411-20210426195812-M/guest-essay-replaces-op-ed-at-times.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65ca91ddfe4f791727d10f3f0c5f5dd576b2b5692fc90f971c1ee37489647f24

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Tue, 27 Apr 2021 01:00:06 GMT
x-azure-ref-originshield
0mXeHYAAAAABQmgDE/qqeRpzKoBb5l6MRTE9OMjFFREdFMDEwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305411-20210426195812-M/guest-essay-replaces-op-ed-at-times.jpeg
x-azure-ref
0xoWHYAAAAAA65kTGUSJzSag5isXjKZQlRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
51435
scheme
https
sailor-can-go-home-after-4-years-on-abandoned-ship.jpeg
img2-azrcdn.newser.com/square-image/305397-20210426193334-M/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305397-20210426193334-M/sailor-can-go-home-after-4-years-on-abandoned-ship.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e56c2e86ab686acb146a8627145eade1273b973f9a0c60300cfc55ef9b12d000

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Tue, 27 Apr 2021 00:34:46 GMT
x-azure-ref-originshield
0v1+HYAAAAABvcCU/MVN+RbVzb+8L8ungTE9OMjFFREdFMTUyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305397-20210426193334-M/sailor-can-go-home-after-4-years-on-abandoned-ship.jpeg
x-azure-ref
0xoWHYAAAAAAZH7f7p0/5Q66jD/WkRCSPRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
42210
scheme
https
newsom-recall-heads-toward-the-ballot.jpeg
img1-azrcdn.newser.com/square-image/305412-20210426191313-M/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305412-20210426191313-M/newsom-recall-heads-toward-the-ballot.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c4d5240455912f3db70a530cca391ce041419baf9e63439056c136292d283da

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Tue, 27 Apr 2021 00:16:46 GMT
x-azure-ref-originshield
0e1uHYAAAAABxwhng6tCrQJVm9oPmyXXBTE9OMjFFREdFMDExNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305412-20210426191313-M/newsom-recall-heads-toward-the-ballot.jpeg
x-azure-ref
0xoWHYAAAAADFd9F2pPsQQbPWAJ/iLbzfRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
46180
scheme
https
erdogan-defiant-after-bidens-statement-on-genocide.jpeg
img1-azrcdn.newser.com/square-image/305410-20210426185458-M/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305410-20210426185458-M/erdogan-defiant-after-bidens-statement-on-genocide.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
06a6d1879723de25acf7c21ffeccd6681848492b2a27fb74b4604b7013d791b9

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 23:56:51 GMT
x-azure-ref-originshield
0e1uHYAAAAAAQ2HkdLVYFQYfeLLTVorpTTE9OMjFFREdFMDExMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305410-20210426185458-M/erdogan-defiant-after-bidens-statement-on-genocide.jpeg
x-azure-ref
0xoWHYAAAAAA0taOVlS11ToOZMrSrnnbBRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
55137
scheme
https
us-to-share-vaccine-stockpile-with-world.jpeg
img2-azrcdn.newser.com/square-image/305409-20210426182027-M/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305409-20210426182027-M/us-to-share-vaccine-stockpile-with-world.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0ddfbb5f026dfa356e9a1d120238cc19a24357bfd0ea3e804dc4434e577b747b

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 23:22:50 GMT
x-azure-ref-originshield
0T1GHYAAAAABygWr414uvQ4IQtFaCJ8jfTE9OMjFFREdFMDIyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305409-20210426182027-M/us-to-share-vaccine-stockpile-with-world.jpeg
x-azure-ref
0xoWHYAAAAABcjr2JfE3mRoNMWirno/GYRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
42193
scheme
https
andrew-brown-jrs-family-sees-brief-bodycam-video.jpeg
img1-azrcdn.newser.com/square-image/305406-20210426175028-M/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305406-20210426175028-M/andrew-brown-jrs-family-sees-brief-bodycam-video.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
98036e72abafeb029af5a7152de7e4208dfed9967376780233f308d8b56229fe

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 22:51:28 GMT
x-azure-ref-originshield
0T1GHYAAAAAAysWlhw8RSQLICbILS90bhTE9OMjFFREdFMDExNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305406-20210426175028-M/andrew-brown-jrs-family-sees-brief-bodycam-video.jpeg
x-azure-ref
0xoWHYAAAAABzr8cV1jmuRJM1bkuK1twJRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
63452
scheme
https
census-moves-house-seats-to-texas-florida.jpeg
img2-azrcdn.newser.com/square-image/305405-20210426171714-M/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305405-20210426171714-M/census-moves-house-seats-to-texas-florida.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa07a58956910a891d47f72975d81174117e7ac2305cd66ebee37dc846fe3f9b

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 22:19:59 GMT
x-azure-ref-originshield
0Vz+HYAAAAABYGumaCzcGRZLzsV+8kvDcTE9OMjFFREdFMDIxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305405-20210426171714-M/census-moves-house-seats-to-texas-florida.jpeg
x-azure-ref
0xoWHYAAAAAAxCr+0aFDBRbk/eBS59oHERlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
57350
scheme
https
oscars-were-a-ratings-disaster.jpeg
img2-azrcdn.newser.com/square-image/305407-20210426165028-M/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305407-20210426165028-M/oscars-were-a-ratings-disaster.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba7a42fab7088ac9920a53854c26008e23e33a5a95103b316008a2e3b9120f3f

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 21:53:08 GMT
x-azure-ref-originshield
0RDaHYAAAAACl05WYpL50T4OHH8ULzZ6FTE9OMjFFREdFMDIyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305407-20210426165028-M/oscars-were-a-ratings-disaster.jpeg
x-azure-ref
0xoWHYAAAAACTQVZB5MxVQrzs3E1E7tqLRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
44172
scheme
https
philips-death-adds-pressure-for-charles-to-make-changes.jpeg
img1-azrcdn.newser.com/square-image/305402-20210426161812-M/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305402-20210426161812-M/philips-death-adds-pressure-for-charles-to-make-changes.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31138ee0585c7fac8d3d8d5e6ea7da58b2861faa99b5c158e5196d84ebf170ab

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 21:20:45 GMT
x-azure-ref-originshield
0+i6HYAAAAAB9RLIGBJv7QZ4z4H5G4+fTTE9OMjFFREdFMDEwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305402-20210426161812-M/philips-death-adds-pressure-for-charles-to-make-changes.jpeg
x-azure-ref
0xoWHYAAAAABDlGL8QqepQ77HubZTbtx3RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
54521
scheme
https
indexes-hit-record-highs-as-corporate-profits-soar.jpeg
img1-azrcdn.newser.com/square-image/305408-20210426161243-M/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305408-20210426161243-M/indexes-hit-record-highs-as-corporate-profits-soar.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3ef8a126b3e5919caca2a4d5d25a4536531bb088e8059372b48f1a8bb307dfd0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 21:15:06 GMT
x-azure-ref-originshield
0Oi6HYAAAAAAjBY0MlAFPSLMOeSFukVUtTE9OMjFFREdFMTUwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305408-20210426161243-M/indexes-hit-record-highs-as-corporate-profits-soar.jpeg
x-azure-ref
0xoWHYAAAAABD0m8Zb5G9TYN5rponIz5HRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
59318
scheme
https
could-chernobyl-become-a-unesco-world-heritage-site.jpeg
img2-azrcdn.newser.com/square-image/305399-20210426154558-M/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305399-20210426154558-M/could-chernobyl-become-a-unesco-world-heritage-site.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
16783388daf0273eb6bda42a99aae780c3fe81c6e8e61c6ae50cea216e1635de

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 20:46:57 GMT
x-azure-ref-originshield
0Oy6HYAAAAABS4SMfYe65ToIxB52q+cC+TE9OMjFFREdFMDEwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305399-20210426154558-M/could-chernobyl-become-a-unesco-world-heritage-site.jpeg
x-azure-ref
0xoWHYAAAAACj/ocmR+GKTpWFhAW7uGnsRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
50458
scheme
https
santorum-there-was-nothing-here-when-settlers-arrived.jpeg
img1-azrcdn.newser.com/square-image/305400-20210426150413-M/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305400-20210426150413-M/santorum-there-was-nothing-here-when-settlers-arrived.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0b673dcbefd798e8211d0e84e4c9a5dd69f9b8344b1b1967f54d5aa27e19ded

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 20:05:15 GMT
x-azure-ref-originshield
0CiCHYAAAAAC6777ozk02RYTX1H6lVPKsTE9OMjFFREdFMDEyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305400-20210426150413-M/santorum-there-was-nothing-here-when-settlers-arrived.jpeg
x-azure-ref
0xoWHYAAAAADIF73FCw4oRJ5DjM+2N1KyRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
50048
scheme
https
house_grid_morning.png
img1-azrcdn.newser.com/images/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/house_grid_morning.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield
0ZtSGYAAAAAA8NpOH+wX7QKcQl4bFiPKjTE9OMjFFREdFMTUxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAABZkw5TiaacTouI4SgA6g+vRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
34113
china-mutes-even-censors-reaction-to-chloe-zhao-win.jpeg
img2-azrcdn.newser.com/square-image/305393-20210426145058-M/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305393-20210426145058-M/china-mutes-even-censors-reaction-to-chloe-zhao-win.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bf9bdce91631a7316f139083394cdf00eab956acb844cd593001e05fed86fcff

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 19:51:21 GMT
x-azure-ref-originshield
0qBqHYAAAAACftYcVxjWSQLqgLVsznPHrTE9OMjFFREdFMTUxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305393-20210426145058-M/china-mutes-even-censors-reaction-to-chloe-zhao-win.jpeg
x-azure-ref
0xoWHYAAAAACa4ohpxkzSTqO1vVFNGOxnRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
58006
scheme
https
ag-announces-probe-into-louisville-policing.jpeg
img2-azrcdn.newser.com/square-image/305403-20210426143658-M/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305403-20210426143658-M/ag-announces-probe-into-louisville-policing.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e4a39e51c9086a8c1269e62fa3009e8e7ccd9c7dae6cffb16c2ad043a7ffcd0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 19:38:46 GMT
x-azure-ref-originshield
0wheHYAAAAABY/kJb0mfkT4iE2ZKPNWtSTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305403-20210426143658-M/ag-announces-probe-into-louisville-policing.jpeg
x-azure-ref
0xoWHYAAAAAB9UHWMGIktRr99wUTZYgzFRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
69244
scheme
https
us-has-long-listed-8-major-food-allergens-now-there-are-9.jpeg
img1-azrcdn.newser.com/square-image/305404-20210426185545-M/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305404-20210426185545-M/us-has-long-listed-8-major-food-allergens-now-there-are-9.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0c19d9507a5e950ae4e3115a08e5213ad6daf7952e54fc1d89c7a60e3b966c49

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 23:56:50 GMT
x-azure-ref-originshield
0e1uHYAAAAADE8mShIK/fTpBZmG3rz4aXTE9OMjFFREdFMTUyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305404-20210426185545-M/us-has-long-listed-8-major-food-allergens-now-there-are-9.jpeg
x-azure-ref
0xoWHYAAAAAC+pUb5eM0qRKvCMEvXd3e4RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
69113
scheme
https
nc-city-declares-emergency-before-police-video-released.jpeg
img2-azrcdn.newser.com/square-image/305401-20210426140237-M/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305401-20210426140237-M/nc-city-declares-emergency-before-police-video-released.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b6c7f8d94cedfa8e0406e096f4e89e79ba3b55ba517864bb47dab369959f8949

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 19:05:34 GMT
x-azure-ref-originshield
0/Q6HYAAAAAD0z/glHO/dRbIgM6aRwQQ9TE9OMjFFREdFMTUxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305401-20210426140237-M/nc-city-declares-emergency-before-police-video-released.jpeg
x-azure-ref
0xoWHYAAAAABeqtaoXB3iRb2fAaMGASmXRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
59296
scheme
https
u-hauls-suddenly-popular-in-hawaii-not-why-you-think.jpeg
img1-azrcdn.newser.com/square-image/305394-20210426133221-M/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305394-20210426133221-M/u-hauls-suddenly-popular-in-hawaii-not-why-you-think.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
383c5b8801aa54de5b4aa1318f2d96d800534a617f5fc94e1705ac48284de464

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 18:32:41 GMT
x-azure-ref-originshield
0SQeHYAAAAADSYvujxVeaQYeas1Oki2RoTE9OMjFFREdFMTUxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305394-20210426133221-M/u-hauls-suddenly-popular-in-hawaii-not-why-you-think.jpeg
x-azure-ref
0xoWHYAAAAADmtZ642+HpS7eXmzs6+ZPbRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
57206
scheme
https
anthony-hopkins-was-asleep-when-he-won-best-actor.jpeg
img1-azrcdn.newser.com/square-image/305398-20210426130128-M/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305398-20210426130128-M/anthony-hopkins-was-asleep-when-he-won-best-actor.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e7b0bd65549bb16cd8d50d6dee97b2ad2920be364b7f677b53050913bd98881

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 18:02:23 GMT
x-azure-ref-originshield
0ywGHYAAAAADNUSWIAy0LSqe8mewqdkbSTE9OMjFFREdFMTUyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305398-20210426130128-M/anthony-hopkins-was-asleep-when-he-won-best-actor.jpeg
x-azure-ref
0xoWHYAAAAAAP5Bx0Zp+hSZmoVpp+4RTIRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
50319
scheme
https
islands-lone-resident-leaving-after-3-decades.jpeg
img1-azrcdn.newser.com/square-image/305392-20210426133120-M/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305392-20210426133120-M/islands-lone-resident-leaving-after-3-decades.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
709fc1bd9711c9f0e3869006d61ebd264afd2fa4765eb2a26a8bd1e6ea617a68

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 18:31:48 GMT
x-azure-ref-originshield
0FAeHYAAAAAAM/bZTj3SfQrmQDPpO3aIcTE9OMjFFREdFMTUxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305392-20210426133120-M/islands-lone-resident-leaving-after-3-decades.jpeg
x-azure-ref
0xoWHYAAAAADtfdAFV0fFRaeEz81uy7kiRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
47632
scheme
https
gronk-breaks-world-record-with-600-foot-catch.jpeg
img1-azrcdn.newser.com/square-image/305396-20210426120813-M/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305396-20210426120813-M/gronk-breaks-world-record-with-600-foot-catch.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
353f8e7ae070c63633823557b6e76affbf02c320490c2047bd64aa33cf258c13

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 17:08:29 GMT
x-azure-ref-originshield
07PSGYAAAAABtbMAgrEZkRonYbuSrCWS/TE9OMjFFREdFMTUxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305396-20210426120813-M/gronk-breaks-world-record-with-600-foot-catch.jpeg
x-azure-ref
0xoWHYAAAAACZ2e2RdqOuT5jr9IwuZxw0RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
48939
scheme
https
new-1b-apple-campus-is-in-the-works.jpeg
img1-azrcdn.newser.com/square-image/305390-20210426113858-M/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305390-20210426113858-M/new-1b-apple-campus-is-in-the-works.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cc7b852c3cac86973829f19cb4623fd8a11e4e0125b91e03bbc39061ea828a34

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 16:40:35 GMT
x-azure-ref-originshield
0LSaHYAAAAABYNxKPzQPkRI/fusK5H0cvTE9OMjFFREdFMDIyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305390-20210426113858-M/new-1b-apple-campus-is-in-the-works.jpeg
x-azure-ref
0xoWHYAAAAABfLj5ZUlixQKkms3ggSLAZRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
47581
scheme
https
behold-the-most-expensive-sneakers.jpeg
img1-azrcdn.newser.com/square-image/305386-20210426111543-M/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305386-20210426111543-M/behold-the-most-expensive-sneakers.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3c479efa4ab1507f7909eacf9ef6ae4616b876f7ac1f968b9e0044cfcb92f88

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 16:16:44 GMT
x-azure-ref-originshield
0tOeGYAAAAABsdPKnOsuwTqB4kpd585eETE9OMjFFREdFMTUxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305386-20210426111543-M/behold-the-most-expensive-sneakers.jpeg
x-azure-ref
0xoWHYAAAAAALgSSxKcTDQ6U5XYU1IIZuRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
41903
scheme
https
teen-cheerleaders-profanity-is-a-supreme-court-case.jpeg
img2-azrcdn.newser.com/square-image/305365-20210426104943-M/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305365-20210426104943-M/teen-cheerleaders-profanity-is-a-supreme-court-case.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee841ee7fbf298d92da848c0f7dee9d128b36f609621b0118100938de9f9dcd3

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 15:50:47 GMT
x-azure-ref-originshield
0LSaHYAAAAAA4Awk1vaTpQaY/KlH+e4mlTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305365-20210426104943-M/teen-cheerleaders-profanity-is-a-supreme-court-case.jpeg
x-azure-ref
0xoWHYAAAAAA29o0WmOkUTrPCHT53D3iSRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
52028
scheme
https
backlash-on-musk-hosting-snl-just-a-ratings-ploy.jpeg
img2-azrcdn.newser.com/square-image/305385-20210426103028-M/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305385-20210426103028-M/backlash-on-musk-hosting-snl-just-a-ratings-ploy.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
029750e55d40a527dbad54f1549177179897188925979fe1ece2313a23367a1d

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 15:31:57 GMT
x-azure-ref-originshield
0LSaHYAAAAAAfnSAWYgLkQK6CgeI/GOHWTE9OMjFFREdFMDIxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305385-20210426103028-M/backlash-on-musk-hosting-snl-just-a-ratings-ploy.jpeg
x-azure-ref
0xoWHYAAAAAD8hImI0/NmSJ5LUpFTNF7tRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
47099
scheme
https
house_grid_iphone.png
img2-azrcdn.newser.com/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/house_grid_iphone.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield
01XeGYAAAAAAEGjWgi2IERo8XktpeqAV5TE9OMjFFREdFMDExNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADuv3brMW/9SaE9BRIIkltFRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
16207
supreme-court-takes-first-case-on-gun-rights-with-barrett.jpeg
img2-azrcdn.newser.com/square-image/305387-20210426133202-M/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305387-20210426133202-M/supreme-court-takes-first-case-on-gun-rights-with-barrett.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b4fa2eb85693ec78e58c89aafe35e5bf6f836e2abff841af4f80218263704a9

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 18:32:33 GMT
x-azure-ref-originshield
0SweHYAAAAAD/MuPFE1rWS4eTzXIagMB9TE9OMjFFREdFMDIxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305387-20210426133202-M/supreme-court-takes-first-case-on-gun-rights-with-barrett.jpeg
x-azure-ref
0xoWHYAAAAAA0zn59KtdXRJS2qHHwfsG7RlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
51685
scheme
https
mccarthy-speaks-out-on-call-with-trump-during-capitol-riot.jpeg
img2-azrcdn.newser.com/square-image/305383-20210426093728-M/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305383-20210426093728-M/mccarthy-speaks-out-on-call-with-trump-during-capitol-riot.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aa6da1ba932113bdc544473ad650d8c40a0debab6bba568ee615fc314c44e28b

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 14:38:19 GMT
x-azure-ref-originshield
04NaGYAAAAABwvPv/Ud0tSaK7Y/b2AoTiTE9OMjFFREdFMDIyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305383-20210426093728-M/mccarthy-speaks-out-on-call-with-trump-during-capitol-riot.jpeg
x-azure-ref
0xoWHYAAAAAD4UusZniPeQq9YLgG0YAVNRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
48480
scheme
https
scientists-stunned-by-severity-of-indias-2nd-wave.jpeg
img2-azrcdn.newser.com/square-image/305381-20210426091039-M/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305381-20210426091039-M/scientists-stunned-by-severity-of-indias-2nd-wave.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a907722d1ef1d5e3abcb0d7f95a9979f68509c859bcda5d1057c15f94fc2a55a

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 14:10:50 GMT
x-azure-ref-originshield
03c6GYAAAAABzE8iHeKWFSrSdYltHXmxnTE9OMjFFREdFMTUxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305381-20210426091039-M/scientists-stunned-by-severity-of-indias-2nd-wave.jpeg
x-azure-ref
0xoWHYAAAAADDk6A4spVgQYE5IWzN+b8PRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
63533
scheme
https
court-man-can-sue-bar-after-racist-attack.jpeg
img2-azrcdn.newser.com/square-image/305369-20210426083743-M/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305369-20210426083743-M/court-man-can-sue-bar-after-racist-attack.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e46451a1600dbc128741a8b6549c727024b909f6c4e1ccf97c11498056223ccb

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 13:38:53 GMT
x-azure-ref-originshield
0HQmHYAAAAAB4SWyJu+wVSK1OW2f0YpfETE9OMjFFREdFMTUxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305369-20210426083743-M/court-man-can-sue-bar-after-racist-attack.jpeg
x-azure-ref
0xoWHYAAAAABTcmE8CF/qQanfIPXU9NOzRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
55841
scheme
https
airline-bans-lawmaker-who-balked-at-wearing-mask.jpeg
img1-azrcdn.newser.com/square-image/305374-20210426080828-M/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305374-20210426080828-M/airline-bans-lawmaker-who-balked-at-wearing-mask.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a9e82fb3296a34675ecd884ac0553e91f7c15192d449a362b0589200a253922

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 13:10:22 GMT
x-azure-ref-originshield
0M72GYAAAAAAihY9qNJ+mQIxvZUbBvt76TE9OMjFFREdFMDIwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305374-20210426080828-M/airline-bans-lawmaker-who-balked-at-wearing-mask.jpeg
x-azure-ref
0xoWHYAAAAACO2ShwYVS/TJ7+clE2YU0eRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
50200
scheme
https
police-in-spain-charge-man-with-22-covid-infections.jpeg
img1-azrcdn.newser.com/square-image/305380-20210426075258-M/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305380-20210426075258-M/police-in-spain-charge-man-with-22-covid-infections.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0477aa148f76bfbc151ffc02256cf9fdf07062900a25f497367451a2826becd1

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 12:54:56 GMT
x-azure-ref-originshield
0M72GYAAAAABwwMP0xyvGRIrUs6CphFEZTE9OMjFFREdFMTUwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305380-20210426075258-M/police-in-spain-charge-man-with-22-covid-infections.jpeg
x-azure-ref
0xoWHYAAAAABHjCp0ufMnSrvvYzJB8oEXRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
52513
scheme
https
unlikely-feud-land-surveyors-vs-drone-operators.jpeg
img2-azrcdn.newser.com/square-image/305379-20210426102340-M/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305379-20210426102340-M/unlikely-feud-land-surveyors-vs-drone-operators.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
289369a25a6d90484adde55f7545ef7414dcc6ee72d9b0b97e297b5900f0dff9

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 18:31:49 GMT
x-azure-ref-originshield
0HQmHYAAAAAAgMTBHWun3TIbhT9t+mTC1TE9OMjFFREdFMDIxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305379-20210426102340-M/unlikely-feud-land-surveyors-vs-drone-operators.jpeg
x-azure-ref
0xoWHYAAAAAAy0TY/5S58Tp/g4iABI1NcRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
48741
scheme
https
nypd-seeks-rock-throwing-vandal-in-attack-on-synagogues.jpeg
img1-azrcdn.newser.com/square-image/305372-20210426064228-M/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305372-20210426064228-M/nypd-seeks-rock-throwing-vandal-in-attack-on-synagogues.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b5e9c2eaadf06a925dd0d1b4359af54aab1f2b67469a75418b9a012862ee43c

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 11:45:09 GMT
x-azure-ref-originshield
0xKeGYAAAAABFvqiX9+A+T5syOoI4CBiFTE9OMjFFREdFMDIxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305372-20210426064228-M/nypd-seeks-rock-throwing-vandal-in-attack-on-synagogues.jpeg
x-azure-ref
0xoWHYAAAAACVIL1AtIX2TKf4HjAl60+iRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
38439
scheme
https
biggest-oscar-surprises.jpeg
img1-azrcdn.newser.com/square-image/305378-20210426091014-M/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305378-20210426091014-M/biggest-oscar-surprises.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b02060f85d40d27d1e45d85293d66a1ebf101186d1528740ec493241ac0d7d74

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 14:10:50 GMT
x-azure-ref-originshield
04NaGYAAAAABsBNHDzD3xSavlTlO7CAQrTE9OMjFFREdFMDIxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305378-20210426091014-M/biggest-oscar-surprises.jpeg
x-azure-ref
0xoWHYAAAAACPwVRIz4tYQo+YHcg+CYjnRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
48652
scheme
https
think-youre-safe-from-ticks-at-the-beach-think-again.jpeg
img2-azrcdn.newser.com/square-image/305347-20210426055643-M/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305347-20210426055643-M/think-youre-safe-from-ticks-at-the-beach-think-again.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f350da55ad21b0620e745dc85fbe2b1e73c5404bf4ecc1963f538d934039026a

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 10:58:47 GMT
x-azure-ref-originshield
0n52GYAAAAABqTiFuWCHFQ69EQRpxr9+yTE9OMjFFREdFMTUxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305347-20210426055643-M/think-youre-safe-from-ticks-at-the-beach-think-again.jpeg
x-azure-ref
0xoWHYAAAAADT9c3/1YaNR7glcH6c//9kRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
40294
scheme
https
santa-finds-girls-christmas-list-650-miles-away.jpeg
img1-azrcdn.newser.com/square-image/305366-20210426061013-M/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305366-20210426061013-M/santa-finds-girls-christmas-list-650-miles-away.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8d10dc2506db755b7b4745dd1529eb4a1d3441934de015b4152f8aa6900d6643

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 11:12:07 GMT
x-azure-ref-originshield
0TKKGYAAAAACyLer2wZ1kR7tZRk5AyPA2TE9OMjFFREdFMTUwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305366-20210426061013-M/santa-finds-girls-christmas-list-650-miles-away.jpeg
x-azure-ref
0xoWHYAAAAAAL0mdjDaCETIjFr/T30PFERlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
39759
scheme
https
dc-cops-drag-race-total-their-patrol-cars.jpeg
img1-azrcdn.newser.com/square-image/305368-20210426055403-M/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305368-20210426055403-M/dc-cops-drag-race-total-their-patrol-cars.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a08e0650554684721c60ca1f8b02a7b3827be0f1182587c2e2d5d2bfea46bcd2

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 10:54:29 GMT
x-azure-ref-originshield
0n52GYAAAAAC3pxllVbySTbZxNlr1ecGmTE9OMjFFREdFMDExNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305368-20210426055403-M/dc-cops-drag-race-total-their-patrol-cars.jpeg
x-azure-ref
0xoWHYAAAAAChf4hfpSVOQKfvbwAoA5nKRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
47533
scheme
https
house_grid_rundown.png
img1-azrcdn.newser.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/house_grid_rundown.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield
0xwSBYAAAAAAK4ktx0Vg3ToVBpeaQ/FYeTE9OMjFFREdFMDIxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAABZ667gaOW5TZ1zvFNQ9D6ARlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
5120
not-everyone-is-getting-vital-second-covid-vaccine-shot.jpeg
img2-azrcdn.newser.com/square-image/305361-20210426052641-M/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305361-20210426052641-M/not-everyone-is-getting-vital-second-covid-vaccine-shot.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47f3aa53726f114e819984f9d6586d99c9dd6f34bf4c0ddef49e520ca469d239

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 10:31:51 GMT
x-azure-ref-originshield
0VbCGYAAAAABBzCBia7hxTrvDvlDMUUiETE9OMjFFREdFMDExMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305361-20210426052641-M/not-everyone-is-getting-vital-second-covid-vaccine-shot.jpeg
x-azure-ref
0xoWHYAAAAAA40g9PTM0vSKmLKUR3NcFgRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
51839
scheme
https
internet-down-for-uniquely-canadian-reason.jpeg
img2-azrcdn.newser.com/square-image/305371-20210426054723-M/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305371-20210426054723-M/internet-down-for-uniquely-canadian-reason.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd6e00bfd40318e3b262b09fc0863969360267bf8399d23eceaf18510848c5a4

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 10:48:37 GMT
x-azure-ref-originshield
0n52GYAAAAABBKkNMRcdCSofKgiA55ruBTE9OMjFFREdFMDExMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305371-20210426054723-M/internet-down-for-uniquely-canadian-reason.jpeg
x-azure-ref
0xoWHYAAAAAAQIflqYddgToQy+S7kJTH0RlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
57017
scheme
https
vaccinated-americans-europe-has-good-news.jpeg
img2-azrcdn.newser.com/square-image/305367-20210426052208-M/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305367-20210426052208-M/vaccinated-americans-europe-has-good-news.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
75f74b9b770de072bc736a48409864455d2b540889ea0709e5cf39ec49cbec5e

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 10:22:24 GMT
x-azure-ref-originshield
0lpaGYAAAAABberhIcbKWRrdfnHakofgiTE9OMjFFREdFMDExNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305367-20210426052208-M/vaccinated-americans-europe-has-good-news.jpeg
x-azure-ref
0xoWHYAAAAAC3BtBcyyS4RqMoonXmQnuPRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
53299
scheme
https
academy-awards-end-with-anticlimactic-surprise-winner.jpeg
img2-azrcdn.newser.com/square-image/305373-20210426054358-M/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305373-20210426054358-M/academy-awards-end-with-anticlimactic-surprise-winner.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
43209f80b4b955403fc1545c6af3de7f585dbae64883ea77e23742a0104e77b8

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 10:46:03 GMT
x-azure-ref-originshield
0VbCGYAAAAADVyzA3i7DSSoh1GubK7RiZTE9OMjFFREdFMDExOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305373-20210426054358-M/academy-awards-end-with-anticlimactic-surprise-winner.jpeg
x-azure-ref
0xoWHYAAAAAANZMBeAUm8QaQ5j2neLRItRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
62922
scheme
https
family-behind-covid-cure-thats-really-bleach-is-indicted.jpeg
img1-azrcdn.newser.com/square-image/305362-20210425171513-M/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305362-20210425171513-M/family-behind-covid-cure-thats-really-bleach-is-indicted.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d2be6ee52a644eebd1bd4ee232c40cd2b7afdabc045e3ec35aa64ab56588aad9

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Sun, 25 Apr 2021 22:17:06 GMT
x-azure-ref-originshield
0g3iGYAAAAACSEAxr3C2JQpBDGhsybq/nTE9OMjFFREdFMDIxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305362-20210425171513-M/family-behind-covid-cure-thats-really-bleach-is-indicted.jpeg
x-azure-ref
0xoWHYAAAAADLxeTNWsJBRLWS/PLPqqb6RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
43006
scheme
https
hundreds-gather-in-nebraska-to-battle-over-the-name-josh.jpeg
img2-azrcdn.newser.com/square-image/305363-20210426004116-M/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305363-20210426004116-M/hundreds-gather-in-nebraska-to-battle-over-the-name-josh.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4876af3aa949da819a369a0a605abcc5a0921292b5d39955aa35dacd420ffbf

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 26 Apr 2021 05:42:56 GMT
x-azure-ref-originshield
0LSaHYAAAAABN1HIPGEmOQZD+y7dvJO/MTE9OMjFFREdFMDEwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305363-20210426004116-M/hundreds-gather-in-nebraska-to-battle-over-the-name-josh.jpeg
x-azure-ref
0xoWHYAAAAABQ6Cvy1xVxSbFPiG7PyfJzRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
70773
scheme
https
how-scammers-made-use-of-mackenzie-scotts-largesse.jpeg
img1-azrcdn.newser.com/square-image/305346-20210425162801-M/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305346-20210425162801-M/how-scammers-made-use-of-mackenzie-scotts-largesse.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9efb83a33748dbaf580ec8fd537e73de9e430daa34ef4ab7acc4d00e385b3da2

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Sun, 25 Apr 2021 21:28:49 GMT
x-azure-ref-originshield
0suOFYAAAAADY5+kSMucnQr8fA4n02jzeTE9OMjFFREdFMDIxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305346-20210425162801-M/how-scammers-made-use-of-mackenzie-scotts-largesse.jpeg
x-azure-ref
0xoWHYAAAAAC7kt8PcsSXSoPjcPrnFy5iRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
44486
scheme
https
gymnasts-competition-outfit-causes-quite-a-stir.jpeg
img1-azrcdn.newser.com/square-image/305298-20210425154558-M/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305298-20210425154558-M/gymnasts-competition-outfit-causes-quite-a-stir.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
064d8654685defd5adf0da7b8bf4e1adc8e618b6f0c659ff878637bf8f9d039a

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Sun, 25 Apr 2021 20:47:53 GMT
x-azure-ref-originshield
0g3iGYAAAAAA+ejT3oDylQKdKUUZ5NW+MTE9OMjFFREdFMDIxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305298-20210425154558-M/gymnasts-competition-outfit-causes-quite-a-stir.jpeg
x-azure-ref
0xoWHYAAAAACVboAgFRHzR4rQL9Hc+iE+RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
44224
scheme
https
man-accused-of-dating-35-women-for-the-birthday-gifts.jpeg
img1-azrcdn.newser.com/square-image/305344-20210425153928-M/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305344-20210425153928-M/man-accused-of-dating-35-women-for-the-birthday-gifts.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4cf78cc4dd6c3fc5fd045c3e7faf3fb3a110febff48aca4e05dcaad2e8ccac0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Sun, 25 Apr 2021 20:42:48 GMT
x-azure-ref-originshield
0u9SGYAAAAABFqokfj4Z2T5xw37I9PO4qTE9OMjFFREdFMDIxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305344-20210425153928-M/man-accused-of-dating-35-women-for-the-birthday-gifts.jpeg
x-azure-ref
0xoWHYAAAAAD1fb3LLen0Q6pIDEOwOsuwRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
60414
scheme
https
mortal-kombat-demon-slayer-make-for-a-big-weekend.jpeg
img2-azrcdn.newser.com/square-image/305359-20210425152458-M/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305359-20210425152458-M/mortal-kombat-demon-slayer-make-for-a-big-weekend.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b1b006df6ed32ddde346ded031b193799b49756dca5592c010fcdf28fafd810

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Sun, 25 Apr 2021 20:26:19 GMT
x-azure-ref-originshield
0atCFYAAAAAAC9Zxgd1Y7RomdZJXrJ0sXTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305359-20210425152458-M/mortal-kombat-demon-slayer-make-for-a-big-weekend.jpeg
x-azure-ref
0xoWHYAAAAABlH8dHLLt8To4ByJS5cXe9RlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
51951
scheme
https
experiment-started-in-1879-isnt-done-yet.jpeg
img2-azrcdn.newser.com/square-image/305213-20210425152719-M/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305213-20210425152719-M/experiment-started-in-1879-isnt-done-yet.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab5230a4075b4634fe7797d78cb60efb4c435e292dcba5b3e0de8541eb37d817

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Sun, 25 Apr 2021 20:27:38 GMT
x-azure-ref-originshield
0g3iGYAAAAABZ5rupzQNpRKhNP+JbDdkRTE9OMjFFREdFMTUwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305213-20210425152719-M/experiment-started-in-1879-isnt-done-yet.jpeg
x-azure-ref
0xoWHYAAAAABOJ5SfCFJERaif4wUaLrMMRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
53221
scheme
https
covid-kills-fashion-designer-alber-elbaz-59.jpeg
img1-azrcdn.newser.com/square-image/305360-20210425141528-M/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305360-20210425141528-M/covid-kills-fashion-designer-alber-elbaz-59.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04db9ba63e8b2e34313c88ec6fc98d6a9eee164ebe9f5eeb8c2825ca49aaada3

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Sun, 25 Apr 2021 19:18:50 GMT
x-azure-ref-originshield
0OsKFYAAAAAAWoQ4gOFdSS6dZA4qNSyFfTE9OMjFFREdFMDIxNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305360-20210425141528-M/covid-kills-fashion-designer-alber-elbaz-59.jpeg
x-azure-ref
0xoWHYAAAAACpSf5Y/qFoQJ22nona+rYbRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
38609
scheme
https
/
loadus.exelator.com/load/ 		124 B
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://loadus.exelator.com/load/?p=320&g=001&c=700151&ctg=home&subctg=&ag=&gd=
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
content-type
application/x-javascript;charset=UTF-8
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
dpx.js
i.simpli.fi/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b3.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Tue, 27 Apr 2021 03:32:22 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3095
x-request-id
FnmZhikNWgoUynYy22oh
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
abp.png
img2-azrcdn.newser.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/abp.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:06 GMT
x-azure-ref-originshield
0u9SGYAAAAAC5SKKLz8xLTo4C9EyJDiCETE9OMjFFREdFMDIxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAADypxjuzOr4QK1uu29+JqPzRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1639
ubo.png
img2-azrcdn.newser.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/images/ubo.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:10 GMT
x-azure-ref-originshield
0+66GYAAAAAA8WIh1iOjmT4ha4mVzzxQnTE9OMjFFREdFMDIyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAABg5G2RFI4GSYXNdQpsSgQJRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1613
ghostery.png
img1-azrcdn.newser.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/images/ghostery.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:21 GMT
last-modified
Mon, 06 Jul 2020 18:04:07 GMT
x-azure-ref-originshield
0FQeHYAAAAABTKDLymG2NTpi7gAD6hrCeTE9OMjFFREdFMDExMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
x-azure-ref
0xoWHYAAAAAByuuhNxKwuRpZKs6siEI4kRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1612
XQeeBy.js
www.newser.com/0K17/TkXmYZQb/eWyLsJ/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newser.com/0K17/TkXmYZQb/eWyLsJ/XQeeBy.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a8ee66c0c6f908e4e7401f360fabae31eb615d388110e7ac52ab400b706d13a4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.newser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.newser.com/
Cookie
ASP.NET_SessionId=0yjqj4kz5v3lzywm10dra5xj; USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454566181
Connection
keep-alive
Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
X-Tornado
yes
Content-Length
5691
Tag.engine
engine.4dsply.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engine.4dsply.com/Tag.engine?time=-120&id=7f1a7287-2f7e-4f83-800d-06bd711ee14e&rand=57553&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fwww.newser.com%2F&kw=
Requested by
Host: cdn.engine.4dsply.com
URL: https://cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=7f1a7287-2f7e-4f83-800d-06bd711ee14e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9e11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3edf60a8deb752941a2130846b5b28efbcee2291cb158dc83cd0bef080204494

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
6464fbb83b5fdfbf-FRA
date
Tue, 27 Apr 2021 03:32:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-adscore-status
null
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
access-control-allow-origin
*
cache-control
private, no-transform
content-type
application/json; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09b2fba71f0000dfbfa38ed000000001
Cookie set controlpage.aspx
www.newser.com/ 		84 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newser.com/controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=4/26/2021%2010:32:22%20PM&firststorypubdate=4/26/2021%207:40:57%20PM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210409_1520/jquery-1.12.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8cbab7a7ca2f1f9862d729c22caa1552466d492590bc5aad9e959fb692f95f32

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.newser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
text/html
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
ASP.NET_SessionId=0yjqj4kz5v3lzywm10dra5xj; USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454566181; g36FastPopSessionRequestNumber=1
Connection
keep-alive
Referer
https://www.newser.com/
Accept
text/html
Referer
https://www.newser.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:22 GMT
Content-Encoding
gzip
max-age
0
RawURL
/controlpage.aspx?control=storysquarecontainer&sectionid=1&SITEPAGENAME=Home&donotshowads=&gridrownum=49&squarewidth=320&squareheight=213&numgridrows=48&numgridcols=1&hardsoft=5&StartDate=&EndDate=&PickADate=&ShowPopular=N&PopularType=None&viewhardsoft=n&ajaxcall=y&autorefreshcall=n&lastrefreshdate=4/26/2021%2010:32:22%20PM&firststorypubdate=4/26/2021%207:40:57%20PM&siteid=0&tagid=0&userid=0&taggroupid=0&type=&linkstorytype=&scrollcount=1&displayadsection=home&categoryid=0&channelid=0&ShowGridLeaderboardAds=false&ShowGridMobileAds=false&RenderUserFormat=false&StoryView=G&ShowStats=false&StoryId=0&ShowSimpleListView=True&ShowRolloversOverride=False&IsHeadlineTest=true&URLSubfolder=&Website=D&showipadads=N&ShowGridRepeatingAds=C1,C2,C4&GridFirstAdLocation=0&GridSubsequentAdLocation=0&OnClickOverride=&GridPositioning=&IsMobile=false
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache
Set-Cookie
USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454566181; expires=Fri, 25-Apr-2031 03:32:23 GMT; path=/; secure; SameSite=Lax USERSETTINGS=; expires=Mon, 26-Apr-2021 03:32:23 GMT; path=/; secure; SameSite=Lax
Content-Length
12834
Scheme
https
rules-p-8dMeaPxgtnRKk.js
rules.quantcount.com/ 		3 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-8dMeaPxgtnRKk.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 07:08:10 GMT
via
1.1 e5774f09cc2ae0875c0445786827ad1b.cloudfront.net (CloudFront)
age
73453
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:13:40 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-amz-cf-id
7h2dhi_DVsHV6YTofxNT3Ja0Ix1DbfIiRrK7tU3kxFgpONgjSvnNyQ==
pixel;r=2053486214;rf=3;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-1542396880-1619494342508;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=n...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2053486214;rf=3;a=p-8dMeaPxgtnRKk;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-1542396880-1619494342508;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=newser.com;je=0;sr=1600x1200x24;dst=1;et=1619494342508;tzo=-120;ogl=
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-129.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:04:59 GMT
via
1.1 e5774f09cc2ae0875c0445786827ad1b.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1644
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
lMrFE2Vp9gJ_UTaLwu1kkW9o2olq7gV7PfKKLFVnAyVyQkthG6lJEw==
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:bc00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 16:18:05 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 00:04:46 GMT
server
nginx
age
40457
etag
W/"60665f9e-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 2ae7e0c53833032779e8c2554653673b.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
q8SeG2nQCA-n0ovaLQ-WqxQEyErd5gTS3kE4i7ClPUSiOhW9FRHyjg==
expires
Tue, 27 Apr 2021 16:18:05 GMT
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:17:50 GMT
via
1.1 e5774f09cc2ae0875c0445786827ad1b.cloudfront.net (CloudFront)
age
892
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 02:39:21 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-amz-cf-id
e2teNBxnQvum3g-dtWh1tTLzmVA5wKaORKLCRH4gakGvkVVqbRHvZQ==
pixel;r=1565615609;rf=3;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=0;fpa=P0-1542396880-1619494342508;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=n...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1565615609;rf=3;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=0;fpa=P0-1542396880-1619494342508;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=newser.com;je=0;sr=1600x1200x24;dst=1;et=1619494342516;tzo=-120;ogl=
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:22 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=29525
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
pixel.gif
load77.exelator.com/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1rzJRTlvvRikGAA==
date
Tue, 27 Apr 2021 03:32:22 GMT
etag
"59f0c3fc-2b"
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
n5nWLf74k4Y=
x-77-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-cache
HIT
x-age
403782
accept-ranges
bytes
x-77-pop
frankfurtDE
content-length
43
expires
Tue, 04 May 2021 11:22:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/0K17/TkXmYZQb/eWyLsJ/XQeeBy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b84b102eb26834d8a04db19b6422412ec1966d9771bffe48910b3f9cca280b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48190
x-xss-protection
0
server
cafe
etag
1944722452572810353
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Apr 2021 03:32:22 GMT
advertising.js
rddywd.com/ 		9 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rddywd.com/advertising.js
Requested by
Host: www.newser.com
URL: https://www.newser.com/0K17/TkXmYZQb/eWyLsJ/XQeeBy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
5793
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
cf-request-id
09b2fba833000007423a28f000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dq7WNYIqD5P9QUvNMLN8iEJ%2FK%2FLuthKqvkFl0tCv1mVLYxkfMw999JmmLeS7XDouDVy0zvK4LpH4Scqo5YjcPEYuuHsHlkPeKmcnBbV6CfBvM1o6pVBr"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
6464fbb9ec1f0742-FRA
adcode.png
rddywd.com/ 		43 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rddywd.com/adcode.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Origin
https://www.newser.com
Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
78994
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
09b2fba833000017621a95e000000001
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bh6oP%2FGw5gc%2Fd7QacD%2F7eDi5bDq%2FqkKStgfJhcsxNT%2BDZhI87OStrboZ0pCn1mptxFegNO46kaSbXoF8KiAfgIcsJXhGsNa13BQCgi4YHFkPewBTR8cF"}],"max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86401
accept-ranges
bytes
cf-ray
6464fbb9eefd1762-FRA
generate_204
www.googleapis.com/ 		0
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
widget_iframe.63899b173766ee6f8a729a72b542b0fb.html
platform.twitter.com/widgets/ Frame 786B 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Fwww.newser.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
963617
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Apr 2021 03:32:22 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Thu, 15 Apr 2021 22:44:33 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/674C)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
_ate.track.config_resp
v1.addthisedge.com/live/boost/newser/ 		1005 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/newser/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-85-134.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
content-encoding
gzip
etag
-1912583789--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=60, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
379
ping
ping.chartbeat.net/ 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=newser.com&p=%2F&u=DQk-kTRci2MC7pUmB&d=newser.com&g=19359&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2847&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1913&t=iGrB1BRWNicBnrZT6ggOICCZMjss&V=126&i=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&tz=-120&sn=1&sv=ZuPwKDDslXy6URyyBfrkOiBCisTc&sd=1&im=062b073f&_
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.67.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-67-161.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D699b1db2-e77d-424d-98d7-091d4c6f621a%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D699b1db2-e77d-424d-98d7-091d4c6f621a%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=699b1db2-e77d-424d-98d7-091d4c6f621a&uid=394c0077-63e1-443c-a271-99c34be98bcc
183 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=699b1db2-e77d-424d-98d7-091d4c6f621a&uid=394c0077-63e1-443c-a271-99c34be98bcc
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.196.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-196-81.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a3e382c22c5c9e890e27e2a9541b0cc0b170fac7085b47a23dcbbe92e751c300

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Apr 2021 03:32:23 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=699b1db2-e77d-424d-98d7-091d4c6f621a&uid=394c0077-63e1-443c-a271-99c34be98bcc
date
Tue, 27 Apr 2021 03:32:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4b7f05c4_3edc92a2_2
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_4b7f05c4_3edc92a2_2&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-z6gjY0FE2uFq2Z78LnhvUrDjiZCBRTKI~A
155 B
369 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-z6gjY0FE2uFq2Z78LnhvUrDjiZCBRTKI~A
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.196.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-196-81.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
0fb220ece242f54bf46bcb59a9602502dbd8ba1104723a442ff1d990d66a463a

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Apr 2021 03:32:23 GMT
server
nginx/1.18.0
content-length
155
content-type
text/javascript

Redirect headers

Date
Tue, 27 Apr 2021 03:32:23 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-z6gjY0FE2uFq2Z78LnhvUrDjiZCBRTKI~A
Connection
keep-alive
Content-Length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
49d2e25896e0c68d3052086de208da00190f5a34bf98ab90e4db9c53609a1458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"854 / 992 of 1000 / last-modified: 1619475282"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21014
x-xss-protection
0
expires
Tue, 27 Apr 2021 03:32:22 GMT
bidding
bids.proper.io/api/ 		0
0
arj
propermedia-d.openx.net/w/1.0/ 		173 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.newser.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=728x90%7C728x90%2C300x250%7C300x250%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600%7C728x90%7C728x90%2C300x250&auid=542378248%2C542378249%2C542378250%2C542378251%2C542378252%2C542378253%2C542378254&aumfs=100%2C100%2C100%2C100%2C100%2C100%2C100&dddid=314db7c1-31f5-4b55-a38d-d6f06d864df2%2Ccfed013e-50c7-4e68-9b13-504051b93608%2C50b09c17-67b2-41d5-801c-7d63407fb393%2C37f2b211-276e-42ff-94b5-bd120a1d9d56%2C0bd56e31-fa5f-42d2-b23f-d437b9fff832%2C215857e2-9015-4bbe-9928-00c2a739355a%2Cd2701f30-8e2c-41dc-bddc-fe23949e34c5&divIds=openx-a9f84940-9a33-4a87-9e06-3d43afc1a7e9%2Copenx-fb778fdc-166b-4df7-b506-86b5d9f84c81%2Copenx-07893a96-8f73-48b5-8f34-2de21baa9fdd%2Copenx-ec54389a-9292-46cb-986d-8829b31e271b%2Copenx-57ecd846-aba3-4251-880a-8da709e39d65%2Copenx-8d5fec18-1a3c-4cd5-9c3f-03e8985c08b2%2Copenx-101c5266-7c11-4908-951c-7ef90d3990a6&be=1&bc=hb_pb_3.0.1&nocache=1619494342853&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
bf7301dbbfe3bde655298867a85e567635eca405fb7728f7668433e026c788b1

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.newser.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
headertag
as-sec.casalemedia.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22607963611%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newser.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-vqx3I%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-vqx3I%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-2-HTFtp%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-HTFtp%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-3-gR9ms%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-3-gR9ms%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-4-TaO0p%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-4-TaO0p%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22160x600-1-ZYIJN%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-ZYIJN%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22160x600-2-cSl5t%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-2-cSl5t%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-1-cAlCb%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-cAlCb%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-2-YVMnw%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-YVMnw%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-3-NPWYn%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-NPWYn%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-4-G9PE0%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-G9PE0%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-5-9cwWX%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-5-9cwWX%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-1-GQiuW%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-GQiuW%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-2-TmxC1%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-2-TmxC1%22%2C%22siteID%22%3A575335%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&t=300&fn=window.proper_98c8fbf5_93024225_3
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c0d0c45aad6611f318a6184d40dd8766e79ef30b3ad719bf0c59f81741a1c8f3

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:23 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1464
Expires
Tue, 27 Apr 2021 03:32:23 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		408 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.newser.com%2F
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
6c3f5d30be5d98820b0bd02e38b4cc1ff1baa4f73070bd7fdbfa5f40c3d67cd1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:23 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
54
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
408
expires
0
trinity.json
apex.go.sonobi.com/ 		30 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22ccc7fe6434fb66ae834a%22%3A%22ccc7fe6434fb66ae834a%7C728x90%7C0.1%22%2C%2264e595c20b879f62c834%22%3A%2264e595c20b879f62c834%7C728x90%7C0.1%22%2C%224329af1e77c12b95f021%22%3A%224329af1e77c12b95f021%7C728x90%7C0.1%22%2C%22b9b670b5118ecbbec418%22%3A%22b9b670b5118ecbbec418%7C728x90%7C0.1%22%2C%22bccd950d196af58b68c7%22%3A%22bccd950d196af58b68c7%7C160x600%7C0.1%22%2C%223e896bba6a9e433a67ba%22%3A%223e896bba6a9e433a67ba%7C160x600%7C0.1%22%2C%22359f4c73319943db4060%22%3A%22359f4c73319943db4060%7C300x250%7C0.1%22%2C%2270ecbdaffd649ade3db4%22%3A%2270ecbdaffd649ade3db4%7C300x250%7C0.1%22%2C%229b8c0615da0c258ca69d%22%3A%229b8c0615da0c258ca69d%7C300x250%7C0.1%22%2C%22dae9eb06db33234c452d%22%3A%22dae9eb06db33234c452d%7C300x250%7C0.1%22%2C%2264f2e150491fa490d736%22%3A%2264f2e150491fa490d736%7C300x250%7C0.1%22%2C%225b4b367abbd6bcd0d179%22%3A%225b4b367abbd6bcd0d179%7C300x600%7C0.1%22%2C%228e34e02f83137f40cfcd%22%3A%228e34e02f83137f40cfcd%7C300x600%7C0.1%22%7D&ref=https%3A%2F%2Fwww.newser.com%2F&s=253b88c5-f7da-490e-927e-81d4f717aa0a&pv=0628c163-6092-4785-af42-257b33c22461&vp=desktop&lib_name=prebid&lib_v=3.26.0&us=1&ius=1&userid=699b1db2-e77d-424d-98d7-091d4c6f621a&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:23 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.newser.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
30
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		804 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
170816441d7272a04cf05b1b30e1e974eb37fe1e274c3e55cfce80f8fed26c63
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 27 Apr 2021 03:32:23 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.120.211.132; 37.120.211.132; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5cbc351b-6400-4618-8725-715a595b94e0
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.newser.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1619494342863
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.69.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-69-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:23 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
mvo
tag.1rx.io/rmp/214194/0/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/214194/0/mvo?z=1r&hbv=3.26,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
pragma
no-cache
date
Tue, 27 Apr 2021 03:32:23 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ly7nxP2ukzmD5nd8HuLUqVcX&bidId=Ly7nxP2ukzmD5nd8HuLUqVcX&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:23 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=ycvGc3j5nTHsKQaxwLTJaTJJ&bidId=ycvGc3j5nTHsKQaxwLTJaTJJ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:23 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bRZAv3qG5YWguiCbD5FPfusN&bidId=bRZAv3qG5YWguiCbD5FPfusN&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:23 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=8Ev8zBVFzzyUGKuGWacMJ2pu&bidId=8Ev8zBVFzzyUGKuGWacMJ2pu&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:23 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=SEVLz4RC2oMeHtE7eRTrfno9&bidId=SEVLz4RC2oMeHtE7eRTrfno9&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:23 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=4bi1St8Jm1Jrp5WDdLaP9DyP&bidId=4bi1St8Jm1Jrp5WDdLaP9DyP&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:23 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=axXXn1LpFGmpAFGYBswnx4He&bidId=axXXn1LpFGmpAFGYBswnx4He&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:23 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=TNtnrsKyouai7gheWgHJredz&bidId=TNtnrsKyouai7gheWgHJredz&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-167-149.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:23 GMT
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/ 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=29&wv=3.26.0&cb=16218159887&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:22 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FUA623DCjlDRvcvJxerHmi4TRUp1BV44
content-encoding
gzip
server
Server
age
117
etag
433bd8b9aebf928ab8f51e43abc531d2
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 eae0fbb8e97278d435febe844db04b08.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Tue, 27 Apr 2021 03:30:26 GMT
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
_a8oYg66RYrqu8TiEWrmnVD0KVZiWi2z9OfmB7KERRe2AXVrB7o4rg==
hb
ssc.33across.com/api/v1/ 		87 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
11c5ae7818c4eef3cccc717044c2df12970161821533f840ead4b6830c703619

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
e1f9f8ae900970d349ac91231c90e101e4eae3136d8497a6b06a8c7b4ac06181

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
33160f98cb94e69d42da9bd45304a5a1c6794ea508f78583da6d43357e4f3a9b

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
fa2606fbe32c3bae99acb96df6f57f2357fd21efcd16e7a33f7d7d4536c349fa

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
1ecf3f8d16e52e14d04ec472ecfe6c19ef00cae69e3c6c88b886167ce5da18a4

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
309a404bed5b8f17ac61db5521315c644e665032d7455a8fe1257dea7d4ed161

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
97713bdf5d28e0a59afcd938da9709cd6a208dd4247c3d8586a8273b5f8e7ec3

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
49973d587bb6599fb515c7a66e51d5768b27aea54c5d88f9cf7cc05f05038224

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.newser.com
date
Tue, 27 Apr 2021 03:32:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
Cookie set utility.aspx
www.newser.com/ 		0
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newser.com/utility.aspx?function=metricsab&b=false&platform=D&visitorid=1454566181&visitorclassification=P
Requested by
Host: static1-azrcdn.newser.com
URL: https://static1-azrcdn.newser.com/javascript/20210409_1520/jquery-1.12.4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.114.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.newser.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
ASP.NET_SessionId=0yjqj4kz5v3lzywm10dra5xj; USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454566181; g36FastPopSessionRequestNumber=1; _pubcid=699b1db2-e77d-424d-98d7-091d4c6f621a; __qca=P0-1542396880-1619494342508; __atuvc=1%7C17; __atuvs=608785c664e9c7f9000; _cb_ls=1; _cb=DQk-kTRci2MC7pUmB; _chartbeat2=.1619494342737.1619494342737.1.ZuPwKDDslXy6URyyBfrkOiBCisTc.1; _cb_svref=null; properSessionData=eyJ1dWlkIjoiNmQyMWU2YjEtMDMzZS00YTM1LTljODAtZmIwOWYxZGUwZGU2IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MH0=
Connection
keep-alive
Referer
https://www.newser.com/
Accept
*/*
Referer
https://www.newser.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:23 GMT
RawURL
/utility.aspx?function=metricsab&b=false&platform=D&visitorid=1454566181&visitorclassification=P
Content-Type
text/html
Scheme
https
Cache-Control
private, no-store
Set-Cookie
USERCREDENTIALS=EMAIL=&PASSWORD=&USERID=0&VISITORID=1454566181; expires=Fri, 25-Apr-2031 03:32:23 GMT; path=/; secure; SameSite=Lax USERSETTINGS=; expires=Mon, 26-Apr-2021 03:32:23 GMT; path=/; secure; SameSite=Lax
Content-Length
0
Expires
Tue, 27 Apr 2021 03:31:23 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035830&ns__t=1619494342888&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2F...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1619494342888&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1619494342888&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-129.mad50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
via
1.1 e5774f09cc2ae0875c0445786827ad1b.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
3kmKpCz7h87-BYfRSRGKl6d7A51IRIacIBCAG3LgT7dMEikctzy8sw==

Redirect headers

date
Tue, 27 Apr 2021 03:32:22 GMT
via
1.1 e5774f09cc2ae0875c0445786827ad1b.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035830&ns__t=1619494342888&ns_c=UTF-8&cv=3.5&c8=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&c7=https%3A%2F%2Fwww.newser.com%2F&c9=
content-length
241
x-amz-cf-id
1xr2DgCW2YvNSQN9i3bXFK4tXhcPqLPBZpJqMvpSats4KqqwRSfi9w==
the-whole-reason-we-know-van-gogh-his-sister-in-law.jpeg
img2-azrcdn.newser.com/square-image/305011-20210425134614-M/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305011-20210425134614-M/the-whole-reason-we-know-van-gogh-his-sister-in-law.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
416c3cfe091f8651f25273e266d375cbf5043b98402d2f1e70812647b7c4922c

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 18:47:54 GMT
x-azure-ref-originshield
0FAeHYAAAAACtSlNjRPgvQopp56HlRpaRTE9OMjFFREdFMDExNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305011-20210425134614-M/the-whole-reason-we-know-van-gogh-his-sister-in-law.jpeg
x-azure-ref
0xoWHYAAAAABF05BBexjqTpmnKlg9m49tRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
54807
scheme
https
couple-plans-lavish-wedding-at-someone-elses-mansion.jpeg
img1-azrcdn.newser.com/square-image/305228-20210425130058-M/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305228-20210425130058-M/couple-plans-lavish-wedding-at-someone-elses-mansion.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ab9927032ea182992233db8ffaf6884a8bd2c1e82c562ea897a6e999fe516e8

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 18:03:07 GMT
x-azure-ref-originshield
03c6GYAAAAAC9sEFCDV2CTZzVstFjGbmpTE9OMjFFREdFMDIwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305228-20210425130058-M/couple-plans-lavish-wedding-at-someone-elses-mansion.jpeg
x-azure-ref
0xoWHYAAAAACKD7ada7sKSYzw6BJQ7Hv1RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
49176
scheme
https
oldest-survivor-of-pearl-harbor-shot-back-at-planes.jpeg
img2-azrcdn.newser.com/square-image/305357-20210425132043-M/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305357-20210425132043-M/oldest-survivor-of-pearl-harbor-shot-back-at-planes.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7fd516123bfc916ccb481369f2197baa283dfd4f7b9cd315c82689df2794bc3d

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 18:22:28 GMT
x-azure-ref-originshield
0LSaHYAAAAAAh8ZmR70WnSZGvo2Ud7fApTE9OMjFFREdFMDEwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305357-20210425132043-M/oldest-survivor-of-pearl-harbor-shot-back-at-planes.jpeg
x-azure-ref
0xoWHYAAAAAA5sIJwMHb1SKUVTDSaJGeARlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
49693
scheme
https
protesters-want-trial-in-slaying-of-jewish-woman.jpeg
img1-azrcdn.newser.com/square-image/305356-20210425122758-M/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305356-20210425122758-M/protesters-want-trial-in-slaying-of-jewish-woman.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dec000872742c8a53d760926c796e0474d12cd175942beea77641bf27406091f

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 17:30:00 GMT
x-azure-ref-originshield
0WrmFYAAAAAC7Kym6qaN4RIfeq7pQSVy+TE9OMjFFREdFMDEyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305356-20210425122758-M/protesters-want-trial-in-slaying-of-jewish-woman.jpeg
x-azure-ref
0xoWHYAAAAAAxt2hZ1a0ZSJ9wlPQeE6+ERlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
61874
scheme
https
seth-rogens-life-formula-has-3-pillars.jpeg
img1-azrcdn.newser.com/square-image/305294-20210425114543-M/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305294-20210425114543-M/seth-rogens-life-formula-has-3-pillars.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bcf518d2c7ee87a0a0885243f3eb453cd15507b7e724670c2a0bef6775ece0a4

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 16:47:12 GMT
x-azure-ref-originshield
0FQeHYAAAAACCVTOJp3yLSbBNNNnVTtlATE9OMjFFREdFMDIxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305294-20210425114543-M/seth-rogens-life-formula-has-3-pillars.jpeg
x-azure-ref
0xoWHYAAAAABgSPVaxno6SbEIT13qdiokRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
47047
scheme
https
submarine-found-in-3-pieces-on-sea-floor-the-crew-lost.jpeg
img1-azrcdn.newser.com/square-image/305354-20210425124647-M/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305354-20210425124647-M/submarine-found-in-3-pieces-on-sea-floor-the-crew-lost.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31e2f8aab73e5ee6bc2d55665f92a5925a18250b023c5be1ade6db40eb9d7c95

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 17:46:54 GMT
x-azure-ref-originshield
0lXSGYAAAAAAcn+sjKMjgRr9v2TuUDLTyTE9OMjFFREdFMDIwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305354-20210425124647-M/submarine-found-in-3-pieces-on-sea-floor-the-crew-lost.jpeg
x-azure-ref
0xoWHYAAAAAC1QW0XZTgmSJ8dq0lBFVreRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
42792
scheme
https
utah-discovery-a-tipping-point-on-t-rexes.jpeg
img1-azrcdn.newser.com/square-image/305146-20210425103058-M/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305146-20210425103058-M/utah-discovery-a-tipping-point-on-t-rexes.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee8163b46eb81bd00972b26b74fe22870d91d8911720757f0fb4983f11411cfb

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 15:31:38 GMT
x-azure-ref-originshield
0WYuFYAAAAACRWKJGlM/jT4QJK1UpzyjrTE9OMjFFREdFMDExOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305146-20210425103058-M/utah-discovery-a-tipping-point-on-t-rexes.jpeg
x-azure-ref
0xoWHYAAAAAC6XJPi982SSJfrX5jUKbCsRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
65317
scheme
https
oxygen-tank-blast-fire-kill-82-in-hospital.jpeg
img2-azrcdn.newser.com/square-image/305355-20210425101813-M/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305355-20210425101813-M/oxygen-tank-blast-fire-kill-82-in-hospital.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dbb99fbd69185738e614fbbc92b5bace8ce70e1b000fc5930a84de1d79cbd188

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 15:19:52 GMT
x-azure-ref-originshield
0lXSGYAAAAABa1v6qhEnHRahxySNRKjlFTE9OMjFFREdFMDIxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305355-20210425101813-M/oxygen-tank-blast-fire-kill-82-in-hospital.jpeg
x-azure-ref
0xoWHYAAAAABSLFMlEMeDRbBQ4/O2MIp3RlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
64137
scheme
https
bloody-finger-leads-police-to-suspect.jpeg
img1-azrcdn.newser.com/square-image/305348-20210425124756-M/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305348-20210425124756-M/bloody-finger-leads-police-to-suspect.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26ee9a9c236e86e70c68334d39f1f97885852d2164f1d78547058bc201a61a17

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 17:48:53 GMT
x-azure-ref-originshield
0VbCGYAAAAADHjoMlbEuVR7fYTZnX7QZ4TE9OMjFFREdFMDIxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305348-20210425124756-M/bloody-finger-leads-police-to-suspect.jpeg
x-azure-ref
0xoWHYAAAAACPQOZ5IajBSYnZCpsCDrI4RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
54898
scheme
https
elon-musk-to-host-saturday-night-live.jpeg
img1-azrcdn.newser.com/square-image/305352-20210426092629-M/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305352-20210426092629-M/elon-musk-to-host-saturday-night-live.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f8a1886ef6ca6ef33237a32dd6f34426d9ed8281da31cf5de1e75ae47e72becc

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Mon, 26 Apr 2021 14:27:02 GMT
x-azure-ref-originshield
0FQeHYAAAAAAVPFKuQYUNQoP4xfm0sgYDTE9OMjFFREdFMDExNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305352-20210426092629-M/elon-musk-to-host-saturday-night-live.jpeg
x-azure-ref
0xoWHYAAAAADmPPn7A+UkSZtdo5RBR93mRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
53698
scheme
https
treasure-hunter-finds-46k-hidden-in-home-since-1950s.jpeg
img2-azrcdn.newser.com/square-image/305333-20210425124719-M/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305333-20210425124719-M/treasure-hunter-finds-46k-hidden-in-home-since-1950s.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d60b33b136750bb14f1c1488c72ff50d02846e94d2aca327f5bba24509ca321e

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 17:48:53 GMT
x-azure-ref-originshield
0i7CFYAAAAACKELJkcDGVQYFLvSYF4TDZTE9OMjFFREdFMDIwNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305333-20210425124719-M/treasure-hunter-finds-46k-hidden-in-home-since-1950s.jpeg
x-azure-ref
0xoWHYAAAAAAo5QdeZ5sSRYAnnPt4ZnZIRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
56878
scheme
https
us-wrongly-thought-diplomat-staged-his-own-kidnapping.jpeg
img1-azrcdn.newser.com/square-image/305100-20210425073458-M/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305100-20210425073458-M/us-wrongly-thought-diplomat-staged-his-own-kidnapping.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
feae28beedc8dc85ed19e5a32948e9f225a40246c25c108e811f540ea1fbd403

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Mon, 26 Apr 2021 06:00:11 GMT
x-azure-ref-originshield
0AWeGYAAAAABZoj8fdYVDQYKJeANqFY7UTE9OMjFFREdFMTUxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305100-20210425073458-M/us-wrongly-thought-diplomat-staged-his-own-kidnapping.jpeg
x-azure-ref
0xoWHYAAAAABtfvXbJc3uS5NnFtmDdRHJRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
57790
scheme
https
woman-charged-with-felony-over-22-years-late-vhs-tape.jpeg
img2-azrcdn.newser.com/square-image/305343-20210426003954-M/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305343-20210426003954-M/woman-charged-with-felony-over-22-years-late-vhs-tape.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b3881f9d6871daa8f824a01fbe2c98801069d74239ca90646d6fd380fbc89263

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Mon, 26 Apr 2021 05:40:17 GMT
x-azure-ref-originshield
0jFOGYAAAAAAaaIEf/znUSIlHSlT8YjWPTE9OMjFFREdFMDExNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305343-20210426003954-M/woman-charged-with-felony-over-22-years-late-vhs-tape.jpeg
x-azure-ref
0xoWHYAAAAACsCO8jkq1BSIPcF5aqwO3wRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
44900
scheme
https
deputy-who-shot-isaiah-brown-mistook-phone-for-gun.jpeg
img2-azrcdn.newser.com/square-image/305349-20210425070658-M/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305349-20210425070658-M/deputy-who-shot-isaiah-brown-mistook-phone-for-gun.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c9b67e7b156abc521bc007dbe84dbf474e63aa630a157d150eb6c33806df3317

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 12:08:53 GMT
x-azure-ref-originshield
0VbCGYAAAAAAuGA2gY/9RS5IppClqcIvoTE9OMjFFREdFMTUxNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305349-20210425070658-M/deputy-who-shot-isaiah-brown-mistook-phone-for-gun.jpeg
x-azure-ref
0xoWHYAAAAABFwokzQuTdTKUXIfkjcxBRRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
52363
scheme
https
dodgers-giants-change-rules-for-vaccinated-fans.jpeg
img2-azrcdn.newser.com/square-image/305327-20210424175558-M/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305327-20210424175558-M/dodgers-giants-change-rules-for-vaccinated-fans.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
475f1aa383cebeb0633dfd593febd323b24d6b807cf4faf3f0b2964cc3ec1217

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 22:56:24 GMT
x-azure-ref-originshield
0lXSGYAAAAAD2n5Lz8h/aRr3TQLkh6b6NTE9OMjFFREdFMDIxOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305327-20210424175558-M/dodgers-giants-change-rules-for-vaccinated-fans.jpeg
x-azure-ref
0x4WHYAAAAADMf0pfj+VXRbzSbKGzR8a7RlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
58761
scheme
https
armenian-americans-worked-for-this-for-decades.jpeg
img1-azrcdn.newser.com/square-image/305342-20210424170813-M/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305342-20210424170813-M/armenian-americans-worked-for-this-for-decades.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b049d25f231e1d60f65462b791028506d5185d20eadcf9e3c0741dad6760aff7

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 22:09:20 GMT
x-azure-ref-originshield
045iEYAAAAACr5VzzAcMLTYS6O/RlqMSETE9OMjFFREdFMDEwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305342-20210424170813-M/armenian-americans-worked-for-this-for-decades.jpeg
x-azure-ref
0x4WHYAAAAAAuikeA0MQVQaX+0eOLOxnJRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
54010
scheme
https
pets-eat-a-staggering-amount-of-meat-now-a-new-wrinkle.jpeg
img2-azrcdn.newser.com/square-image/305103-20210424215257-M/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305103-20210424215257-M/pets-eat-a-staggering-amount-of-meat-now-a-new-wrinkle.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
167024cf618ce2102d66614f681c7ea9bff2282aa1e884f5a67a52b0ebbc5e34

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 02:58:43 GMT
x-azure-ref-originshield
04tqEYAAAAADx4zB6/iu5TKZU4J4OG4WKTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305103-20210424215257-M/pets-eat-a-staggering-amount-of-meat-now-a-new-wrinkle.jpeg
x-azure-ref
0x4WHYAAAAAD2cij3hOGCTZwqiCs/eWGxRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
42997
scheme
https
bolsonaro-i-might-send-army-into-the-streets.jpeg
img2-azrcdn.newser.com/square-image/305341-20210424220818-M/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305341-20210424220818-M/bolsonaro-i-might-send-army-into-the-streets.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d817f36fcb5c986f68b3b8627108f8c564ce1e7f6e2b92c95722a59a4f7a34ed

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 09:28:18 GMT
x-azure-ref-originshield
0LSaHYAAAAAAK5A8VlzvqSK3oZlf3+FYATE9OMjFFREdFMDIwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305341-20210424220818-M/bolsonaro-i-might-send-army-into-the-streets.jpeg
x-azure-ref
0x4WHYAAAAABTmAXgrsX+Q7blj6Zuj7l0RlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
64531
scheme
https
many-with-mild-covid-cases-develop-new-issues-later.jpeg
img2-azrcdn.newser.com/square-image/305335-20210424152359-M/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305335-20210424152359-M/many-with-mild-covid-cases-develop-new-issues-later.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
732c0eb58decb9ef12ccca85c18edd0a38d53ddcc347887605f596f575616f88

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 20:24:39 GMT
x-azure-ref-originshield
0I4CEYAAAAAAXhTZ0X/HnR5qI695ioWB5TE9OMjFFREdFMDIxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305335-20210424152359-M/many-with-mild-covid-cases-develop-new-issues-later.jpeg
x-azure-ref
0x4WHYAAAAAC04IrsdkVQQoZnrfi8YRyZRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
54157
scheme
https
that-picture-hijacked-my-life.jpeg
img1-azrcdn.newser.com/square-image/305156-20210424142926-M/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305156-20210424142926-M/that-picture-hijacked-my-life.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
718946526b87f61a2162d72d8ea19465df9c3b534dc862c43e4495d4d9a0151e

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 20:20:18 GMT
x-azure-ref-originshield
0g3iGYAAAAAD5hpSQghnZQ6XE6zvj9H3pTE9OMjFFREdFMTUxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305156-20210424142926-M/that-picture-hijacked-my-life.jpeg
x-azure-ref
0x4WHYAAAAAD7ZfTkm+8DRJRRgbc6EmlPRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
47026
scheme
https
testimony-for-chauvin-puts-experts-work-in-doubt-doctors.jpeg
img2-azrcdn.newser.com/square-image/305337-20210424220839-M/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305337-20210424220839-M/testimony-for-chauvin-puts-experts-work-in-doubt-doctors.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d267a8d0d060e7cc876d9d70ae2d6246fdc8b69cfbd854f488a2a7c12fd5e821

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 03:11:05 GMT
x-azure-ref-originshield
0AWeGYAAAAABN5gS//bl5Q7f8qi2ei27QTE9OMjFFREdFMTUxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305337-20210424220839-M/testimony-for-chauvin-puts-experts-work-in-doubt-doctors.jpeg
x-azure-ref
0x4WHYAAAAAB7+oVAN1hlQqLHXMSQ3ZN6RlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
46746
scheme
https
some-states-resume-use-of-jj-vaccine.jpeg
img1-azrcdn.newser.com/square-image/305340-20210424140213-M/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305340-20210424140213-M/some-states-resume-use-of-jj-vaccine.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
34235953596d4b6051210ee6bc406e9124a5453700f38c6af31bd3dc4142e538

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 19:03:19 GMT
x-azure-ref-originshield
0lXSGYAAAAADWMBwLg3slSIQKhTmMm+8BTE9OMjFFREdFMDExNABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305340-20210424140213-M/some-states-resume-use-of-jj-vaccine.jpeg
x-azure-ref
0x4WHYAAAAABjlGm34vxRQ4jThZFLBsyKRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
43078
scheme
https
nypd-seeks-suspect-in-horrific-attack-on-asian-man.jpeg
img2-azrcdn.newser.com/square-image/305339-20210424131643-M/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305339-20210424131643-M/nypd-seeks-suspect-in-horrific-attack-on-asian-man.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dbe10f27507dbecd91351ff8eb8213dc13c2aab2eb10500e52fd42444558f42a

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 16:28:08 GMT
x-azure-ref-originshield
0FQeHYAAAAAClveW8gkWFRJMz+JmFVt9STE9OMjFFREdFMTUxMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305339-20210424131643-M/nypd-seeks-suspect-in-horrific-attack-on-asian-man.jpeg
x-azure-ref
0x4WHYAAAAACM6pZ3WZdISqh9JFpPtEWjRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
42451
scheme
https
worst-year-ever-gets-a-razzie-award.jpeg
img2-azrcdn.newser.com/square-image/305331-20210424131757-M/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305331-20210424131757-M/worst-year-ever-gets-a-razzie-award.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
606702c39482af62ec0c8321f1a2e7e2f46288767e685a2f37aeffae78bd5aa0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 20:44:36 GMT
x-azure-ref-originshield
0g3iGYAAAAADL0EnF1ezpQJG8dJLVH3H3TE9OMjFFREdFMTUxOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305331-20210424131757-M/worst-year-ever-gets-a-razzie-award.jpeg
x-azure-ref
0x4WHYAAAAABnsVqwRTaGQa/BoxBkh8AuRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
42767
scheme
https
cops-suspect-killed-himself-2-others-in-intentional-crash.jpeg
img2-azrcdn.newser.com/square-image/305329-20210424121713-M/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305329-20210424121713-M/cops-suspect-killed-himself-2-others-in-intentional-crash.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
287166cc33e02a62658f54cd6b8819c634038528f494e4b207398afa4dd6dc84

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 17:29:34 GMT
x-azure-ref-originshield
0E1eEYAAAAAB3OQakm8P2TIQp4v8pQU1/TE9OMjFFREdFMDEwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305329-20210424121713-M/cops-suspect-killed-himself-2-others-in-intentional-crash.jpeg
x-azure-ref
0x4WHYAAAAABXhw9ORnmvTphKNvzpx1NkRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
43362
scheme
https
biden-formally-recognizes-armenian-genocide.jpeg
img1-azrcdn.newser.com/square-image/305338-20210424220908-M/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305338-20210424220908-M/biden-formally-recognizes-armenian-genocide.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b0e64c0414d24d858093359df28f0aed5b479d81ddb895023030235e8b106e8

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 03:11:05 GMT
x-azure-ref-originshield
0LSaHYAAAAACc5yCFvb0CTaI+nTlSJcbuTE9OMjFFREdFMTUxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305338-20210424220908-M/biden-formally-recognizes-armenian-genocide.jpeg
x-azure-ref
0x4WHYAAAAABdEnp9xZNhRpGTfjlWsfy/RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
45190
scheme
https
in-italy-a-culture-war-over-espresso.jpeg
img1-azrcdn.newser.com/square-image/305248-20210424142424-M/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305248-20210424142424-M/in-italy-a-culture-war-over-espresso.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
72986aa124ed922154919ff3eaf2e4cff2787b847cad1efd94c0c9e60a67782a

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 17:29:10 GMT
x-azure-ref-originshield
0LSaHYAAAAAAJPEc6nW1lSIS73c8tmvsNTE9OMjFFREdFMDIxMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305248-20210424142424-M/in-italy-a-culture-war-over-espresso.jpeg
x-azure-ref
0x4WHYAAAAACsS7zc47ZwT6yqEd8300TgRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
36049
scheme
https
cryptic-writing-found-in-home-of-ex-nfl-player-who-killed-6.jpeg
img1-azrcdn.newser.com/square-image/305334-20210424105427-M/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305334-20210424105427-M/cryptic-writing-found-in-home-of-ex-nfl-player-who-killed-6.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
db428922c72c3ef3c821aea62551754070d6d0a282391b209d25574b01a8b059

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 15:56:35 GMT
x-azure-ref-originshield
0g3iGYAAAAAC/ab/OXBZwTZh1Ij3Qee6XTE9OMjFFREdFMDIxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305334-20210424105427-M/cryptic-writing-found-in-home-of-ex-nfl-player-who-killed-6.jpeg
x-azure-ref
0x4WHYAAAAABuEZJsx7rXTY7lPdVGUJh7RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
55787
scheme
https
iss-now-has-highest-population-in-years.jpeg
img1-azrcdn.newser.com/square-image/305336-20210424103558-M/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305336-20210424103558-M/iss-now-has-highest-population-in-years.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dff3ab12802f9486fdee669bc36c86962497106ecc8c9d0d399649efd0912a10

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 13:19:16 GMT
x-azure-ref-originshield
063eFYAAAAABdvQr6tV9TTqQFQ28nIb09TE9OMjFFREdFMDIyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305336-20210424103558-M/iss-now-has-highest-population-in-years.jpeg
x-azure-ref
0x4WHYAAAAABI/YGIxV+uSbKUewKr3C7eRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
58050
scheme
https
carlson-other-journalists-are-cringing-animals.jpeg
img1-azrcdn.newser.com/square-image/305332-20210424190216-M/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305332-20210424190216-M/carlson-other-journalists-are-cringing-animals.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bafefa2743a428a26fcda668f87197498ca166c6eabe4ae443ef0d627c3dd8e1

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 01:39:44 GMT
x-azure-ref-originshield
0VbCGYAAAAAD6pUomHdCQS5Z59hOu6HSyTE9OMjFFREdFMDExNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305332-20210424190216-M/carlson-other-journalists-are-cringing-animals.jpeg
x-azure-ref
0x4WHYAAAAAB9HWOtvwfQQ4m4EGUxbqHjRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
51293
scheme
https
they-spent-40-days-in-a-dark-cave-for-science-some-want-to-go-back.jpeg
img1-azrcdn.newser.com/square-image/305330-20210424105504-M/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305330-20210424105504-M/they-spent-40-days-in-a-dark-cave-for-science-some-want-to-go-back.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4cbfdce0cb7fd1d77cd70c79569237936bbe07c8a9e3ed5ec602c156956cce4d

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 15:56:35 GMT
x-azure-ref-originshield
08UaEYAAAAABqb4s0S9/sR5ZyXOYyNQMNTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305330-20210424105504-M/they-spent-40-days-in-a-dark-cave-for-science-some-want-to-go-back.jpeg
x-azure-ref
0x4WHYAAAAAA+HMckTSITT55UXj19ta9/RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
60189
scheme
https
stolen-160k-big-bird-returned-with-note-we-had-a-great-time.jpeg
img1-azrcdn.newser.com/square-image/305328-20210424092229-M/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305328-20210424092229-M/stolen-160k-big-bird-returned-with-note-we-had-a-great-time.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0fbe2fb9302f6a0e568b9aa5563ed8cdec6cafc822cb4c222ea8579b08e953c

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 06:05:23 GMT
x-azure-ref-originshield
03s6GYAAAAABO2XRxbZTIQb2KChdGO+QATE9OMjFFREdFMDExNQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305328-20210424092229-M/stolen-160k-big-bird-returned-with-note-we-had-a-great-time.jpeg
x-azure-ref
0x4WHYAAAAABvx5FkwZhCTJ7VyQ7VvSWzRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
50271
scheme
https
spock-got-things-wrong-more-than-youd-think.jpeg
img1-azrcdn.newser.com/square-image/305140-20210424083327-M/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305140-20210424083327-M/spock-got-things-wrong-more-than-youd-think.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1d2f3e07f8f041675ea8aede8d4921e835bd3f5a4b29346382278a778c19edce

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 19:34:21 GMT
x-azure-ref-originshield
0VrCGYAAAAAB4UBUPAzUwTLx9zL8BC6KhTE9OMjFFREdFMDIwNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305140-20210424083327-M/spock-got-things-wrong-more-than-youd-think.jpeg
x-azure-ref
0x4WHYAAAAAC3dzx+RVFLS48wQw7l0Ib2RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
48574
scheme
https
alabama-is-latest-state-to-ok-ban-on-transgender-athletes.jpeg
img2-azrcdn.newser.com/square-image/305321-20210424082043-M/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305321-20210424082043-M/alabama-is-latest-state-to-ok-ban-on-transgender-athletes.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b0c7916138a9a0e57dfb6d01f0e83d6afb87ab8def5f862259164fea4f0aebd3

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 13:21:17 GMT
x-azure-ref-originshield
0fhyEYAAAAAAFtPSTssPyS6enjYFt2LlqTE9OMjFFREdFMDIxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305321-20210424082043-M/alabama-is-latest-state-to-ok-ban-on-transgender-athletes.jpeg
x-azure-ref
0x4WHYAAAAABqXlLWbIkdS4P4dkNfGcvhRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
49138
scheme
https
neighbors-help-crack-3-year-long-coffee-cup-caper.jpeg
img1-azrcdn.newser.com/square-image/305074-20210424070148-M/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305074-20210424070148-M/neighbors-help-crack-3-year-long-coffee-cup-caper.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5fea439b0d9f0bc1e58b8f90721c6951a196abb1303ef966ce507a59e8789dc9

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 21:28:55 GMT
x-azure-ref-originshield
0g3iGYAAAAADpu1TTVf3nRbwjF+dKy+vyTE9OMjFFREdFMTUxNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305074-20210424070148-M/neighbors-help-crack-3-year-long-coffee-cup-caper.jpeg
x-azure-ref
0x4WHYAAAAACJRvjuWJIQT5azl5v3RnvsRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
49276
scheme
https
first-pic-of-tiger-woods-since-feb-crash-emerges.jpeg
img1-azrcdn.newser.com/square-image/305322-20210424072959-M/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305322-20210424072959-M/first-pic-of-tiger-woods-since-feb-crash-emerges.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8120c088cfc96df36a25b94981c27737c5f2cebcf6b8b84c354ae56f3747c5f9

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 12:31:16 GMT
x-azure-ref-originshield
0uA+EYAAAAABHyOvwWczSSbmmZ0bAMtKaTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305322-20210424072959-M/first-pic-of-tiger-woods-since-feb-crash-emerges.jpeg
x-azure-ref
0x4WHYAAAAAB48QCqKi9kRou44yCRUHUwRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
66246
scheme
https
ghislaine-maxwell-enters-plea-on-2-new-charges.jpeg
img2-azrcdn.newser.com/square-image/305323-20210424085355-M/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305323-20210424085355-M/ghislaine-maxwell-enters-plea-on-2-new-charges.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e2b29dda3ecc2c9ca63e22a28d2f16efac098f1a3199f7bd916a436d2467057f

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 19:52:07 GMT
x-azure-ref-originshield
0VrCGYAAAAAAYV005Kiw4QYRu3gey14WKTE9OMjFFREdFMDEyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305323-20210424085355-M/ghislaine-maxwell-enters-plea-on-2-new-charges.jpeg
x-azure-ref
0x4WHYAAAAACwVT1dewLiS5KIoqxVit5CRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
47446
scheme
https
missing-submarine-declared-sunk-after-items-emerge.jpeg
img2-azrcdn.newser.com/square-image/305325-20210424084149-M/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305325-20210424084149-M/missing-submarine-declared-sunk-after-items-emerge.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0192d287075be6b22531c8e15d8e3ca3a303396518536557a09f40e84e5d584f

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 21:28:55 GMT
x-azure-ref-originshield
0WrmFYAAAAAC5vLjbkpTtSJLvrNjGkmUYTE9OMjFFREdFMDIxMwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305325-20210424084149-M/missing-submarine-declared-sunk-after-items-emerge.jpeg
x-azure-ref
0x4WHYAAAAAA80dA0YmC1SLgDZvjAWS0sRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
46602
scheme
https
cdc-panel-votes-to-end-johnson-johnson-pause.jpeg
img2-azrcdn.newser.com/square-image/305317-20210423180059-M/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305317-20210423180059-M/cdc-panel-votes-to-end-johnson-johnson-pause.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4a1bcd9ccf66456d219727651e7b718f762e016e0187fb29471c6a2b4a0adba0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 22:43:06 GMT
x-azure-ref-originshield
0LSaHYAAAAACuofiEnAGdTbvS749yZvHaTE9OMjFFREdFMDIxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305317-20210423180059-M/cdc-panel-votes-to-end-johnson-johnson-pause.jpeg
x-azure-ref
0x4WHYAAAAADqjrErGSIMQoIrAxLUALknRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
48901
scheme
https
first-democrat-faces-metal-detector-fine.jpeg
img2-azrcdn.newser.com/square-image/305315-20210423171629-M/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305315-20210423171629-M/first-democrat-faces-metal-detector-fine.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b216ae0773d96f6149615501f6e4ceef7e0b8b958b81441b4d7d28347def4c6

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 00:54:56 GMT
x-azure-ref-originshield
0AWeGYAAAAADxLRcUoxcOQ41usuNlMJlWTE9OMjFFREdFMDEyMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305315-20210423171629-M/first-democrat-faces-metal-detector-fine.jpeg
x-azure-ref
0x4WHYAAAAAABU/aEc/h8ToQrswoGUpeGRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
47454
scheme
https
film-about-celebrity-chef-on-the-way.jpeg
img2-azrcdn.newser.com/square-image/305311-20210423165914-M/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305311-20210423165914-M/film-about-celebrity-chef-on-the-way.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83ebdc08a5acf19b6fae442cb84fc623e43b4733590200c7c60313e25f5d3570

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sun, 25 Apr 2021 07:42:19 GMT
x-azure-ref-originshield
0g3iGYAAAAADAZXQkLO+yS4XvmxRe6HJvTE9OMjFFREdFMDExMABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305311-20210423165914-M/film-about-celebrity-chef-on-the-way.jpeg
x-azure-ref
0x4WHYAAAAACWgG6nsesaTqMtxDdmmJZbRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
45898
scheme
https
bones-of-black-children-killed-by-police-are-used-in-class.jpeg
img2-azrcdn.newser.com/square-image/305289-20210423162631-M/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305289-20210423162631-M/bones-of-black-children-killed-by-police-are-used-in-class.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4c100ba9f5980456a5269f689d0fd87674ca2f7918cec8db9e669ccab621da64

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Fri, 23 Apr 2021 21:30:01 GMT
x-azure-ref-originshield
050KDYAAAAAA/7IzPMW7dSqyHO/8M0VMPTE9OMjFFREdFMDExNgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305289-20210423162631-M/bones-of-black-children-killed-by-police-are-used-in-class.jpeg
x-azure-ref
0x4WHYAAAAADhY27+xJCpQ612gJV8jRC+RlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
56386
scheme
https
georgia-gop-waits-waits-on-herschel-walker.jpeg
img1-azrcdn.newser.com/square-image/305308-20210423155129-M/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305308-20210423155129-M/georgia-gop-waits-waits-on-herschel-walker.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e9fbecfc8ff2be3cd7c5fd4c35f58d46058a37089813434d6c15efe06aa8da4a

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 22:43:06 GMT
x-azure-ref-originshield
0LSaHYAAAAACYzGAn4wVqQbjW1wNm1aO8TE9OMjFFREdFMDIxNwBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305308-20210423155129-M/georgia-gop-waits-waits-on-herschel-walker.jpeg
x-azure-ref
0x4WHYAAAAAA0U4R1TG9/TI89xu6BPFTzRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
59731
scheme
https
an-up-and-down-week-ends-on-the-up-side.jpeg
img1-azrcdn.newser.com/square-image/305312-20210423150905-M/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305312-20210423150905-M/an-up-and-down-week-ends-on-the-up-side.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f10e7c88a107c32c5a99a31b5f6df3c7d92742b0ef6438cba64f029394018e0a

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 09:06:14 GMT
x-azure-ref-originshield
0g3iGYAAAAABxWdmCn51wTbEBdcjvilZLTE9OMjFFREdFMDIxMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305312-20210423150905-M/an-up-and-down-week-ends-on-the-up-side.jpeg
x-azure-ref
0x4WHYAAAAADpNFAx4/llRK3mC2mLduOKRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
60685
scheme
https
rapper-humpty-hump-aka-shock-g-is-dead.jpeg
img1-azrcdn.newser.com/square-image/305310-20210423145244-M/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305310-20210423145244-M/rapper-humpty-hump-aka-shock-g-is-dead.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2060fd30e616b177eeeb39b585f797859762b09d30211e17f18a2c17ca7ae0b9

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Fri, 23 Apr 2021 19:55:45 GMT
x-azure-ref-originshield
0QSaDYAAAAABeuMtsHsIDQ4eV0Pwc3w06TE9OMjFFREdFMDEyMgBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305310-20210423145244-M/rapper-humpty-hump-aka-shock-g-is-dead.jpeg
x-azure-ref
0x4WHYAAAAAD55aHlEWcoR4g5aQkIplu/RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
46163
scheme
https
indias-covid-catastrophe-is-only-getting-worse.jpeg
img2-azrcdn.newser.com/square-image/305309-20210423142929-M/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2-azrcdn.newser.com/square-image/305309-20210423142929-M/indias-covid-catastrophe-is-only-getting-worse.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d7a72b814c5699dd7ce0131e32ab39f3bc8ddec3ef158f6070d9a424f6128c30

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 02:37:46 GMT
x-azure-ref-originshield
0g3iGYAAAAAC3HIybGtW5S5yhpvOPq04DTE9OMjFFREdFMDIyMQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305309-20210423142929-M/indias-covid-catastrophe-is-only-getting-worse.jpeg
x-azure-ref
0x4WHYAAAAADI/JIkA/DYQZyry7I/ZgVfRlJBRURHRTEwMTUAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
52030
scheme
https
ron-johnson-highly-suspicious-of-big-push-on-vaccination.jpeg
img1-azrcdn.newser.com/square-image/305306-20210423135044-M/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305306-20210423135044-M/ron-johnson-highly-suspicious-of-big-push-on-vaccination.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bf47c2b0df8af6ce9861a05807ed35fa6948f2e0c849c91cf05f7275c1fd915e

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Sat, 24 Apr 2021 01:21:55 GMT
x-azure-ref-originshield
063eFYAAAAABAe9KC1dfXQYNXR1JIjyzhTE9OMjFFREdFMDIwOQBkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305306-20210423135044-M/ron-johnson-highly-suspicious-of-big-push-on-vaccination.jpeg
x-azure-ref
0x4WHYAAAAADOAinSHZJAS4d8gE0LzX/nRlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
44898
scheme
https
they-went-to-a-closed-dennys-at-2am-just-to-make-eggs.jpeg
img1-azrcdn.newser.com/square-image/305300-20210423132959-M/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1-azrcdn.newser.com/square-image/305300-20210423132959-M/they-went-to-a-closed-dennys-at-2am-just-to-make-eggs.jpeg
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4f1b62b82b0828282cbc88d5f5d25a908ddbac873971969c6816d0b933825268

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
last-modified
Fri, 23 Apr 2021 18:31:55 GMT
x-azure-ref-originshield
0mxKDYAAAAAAOE2p1F3GHTrM8FnbE1QJMTE9OMjFFREdFMDEwOABkMzMwMWVjMS03ZTI2LTRmMmEtODYyMS04ZGVmY2ZkYmU1ZDk=
rawurl
/square-image/305300-20210423132959-M/they-went-to-a-closed-dennys-at-2am-just-to-make-eggs.jpeg
x-azure-ref
0x4WHYAAAAAANnvc7b1SeSYKAdXsbqnw0RlJBRURHRTEwMTMAZDMzMDFlYzEtN2UyNi00ZjJhLTg2MjEtOGRlZmNmZGJlNWQ5
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=2592000
content-length
60879
scheme
https
settings
syndication.twitter.com/ Frame 786B 		183 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=68fc7e51d2fd5e34c47785fa410e86a5fc22623a
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Fwww.newser.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:22 GMT
content-encoding
gzip
last-modified
Tue, 27 Apr 2021 03:32:23 GMT
server
tsa_devel
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
00b71053b80229905d66695458b83f96137751d32deebedb45c8ea3c5c43864b
content-length
152
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-85-134.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Tue, 27 Apr 2021 03:32:23 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Tue, 27 Apr 2021 03:32:23 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 09:37:11 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
64513
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 0645caa18be2b3be5e4612d40f45a0ba.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
MAD50-C1
content-type
application/javascript
x-amz-cf-id
-ohvf1fBkdoWzI6DzTRtTGtsQ2bVez2bPAh_T2JdILZyv1Y04ukv-w==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.newser.com%2F&pid=iuHLKbOsaCT71&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-6%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&cfgv=0&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:23 GMT
via
1.1 eae0fbb8e97278d435febe844db04b08.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MAD50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.newser.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
QP6oyMEreBBMprh0HZEVPhqh31_kpNM_Nz0WjgcEuFefe2rBEivCyQ==
s2s
eb.proper.io/ 		267 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s?proper_uid=699b1db2-e77d-424d-98d7-091d4c6f621a
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03ba788d90135720bb3de988a36b9b3daa6faa95f468f5479aebee777521bfac

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:23 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.newser.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6464fbc0dbc62bf2-FRA
cf-request-id
09b2fbac8600002bf293b8a000000001
expires
-1
integrator.js
adservice.google.pl/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=www.newser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Apr 2021 03:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newser.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Apr 2021 03:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		83 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=984185828549369&correlator=3992571970788379&output=ldjh&impl=fifs&eid=31060783%2C31060789%2C31060825&vrg=2021042201&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20210427&iu_parts=5376056%2Cnewser_leaderboard%2Cdynamic_1%2Cnewser_gridwide&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3%2F2&prev_iu_szs=1x1%7C728x90%2C1x1%7C728x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D5471%26proper_site%3Dnewser%26proper_slot%3D1.01%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D5471%26proper_site%3Dnewser%26proper_slot%3D12.01%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1619494344&dt=1619494344052&dlt=1619494342161&idt=1120&frm=20&biw=1600&bih=1200&oid=3&adxs=561%2C315&adys=55%2C684&adks=1569744204%2C1045808715&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0%7C728x0&msz=728x0%7C728x0&ga_vid=1047085257.1619494344&ga_sid=1619494344&ga_hid=672438547&ga_fc=false&fws=4%2C0&ohw=728%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d389be35d900204b36fc6e6a7133faf723a23d22568be9af78f8a65996a26471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12906
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.newser.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6116d3d949bda88a13307fdab1f05e8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://6116d3d949bda88a13307fdab1f05e8d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		43 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=984185828549369&correlator=3274904740317193&output=ldjh&impl=fifs&eid=31060783%2C31060789%2C31060825&vrg=2021042201&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20210427&iu_parts=5376056%2Cnewser_gridwide%2Cdynamic_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C728x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D5471%26proper_site%3Dnewser%26proper_slot%3D12.02%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1619494344&dt=1619494344088&dlt=1619494342161&idt=1120&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1311&adks=935732023&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newser.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1047085257.1619494344&ga_sid=1619494344&ga_hid=672438547&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
be2aa46348ea8eb574a41cb094305c11e1be6f865ef6bd01df07aad4bd9610b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10895
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.newser.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032104130153000/ Frame 5E26 		192 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83860ee17d1e1cdbf26eeb3d0fd3a99f253fc29e6ef7db46eefe7c1694f361ed
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
171188
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55476
x-xss-protection
0
server
sffe
date
Sun, 25 Apr 2021 03:59:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9bc265c4d5adfa7f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Apr 2022 03:59:17 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame 5E26 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
534345
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4561
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 23:06:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f7d3159bb96ed225"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 23:06:40 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame 5E26 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
388616
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27392
x-xss-protection
0
server
sffe
date
Thu, 22 Apr 2021 15:35:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"025b1bcedb95d6d9"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:35:29 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame 5E26 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
534345
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 23:06:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"26e8fee94434f5d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 23:06:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032104130153000/v0/ Frame 5E26 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032104130153000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
132689
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
server
sffe
date
Sun, 25 Apr 2021 14:40:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73bdf441b447cfc6"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Apr 2022 14:40:56 GMT
truncated
/ Frame 5E26 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95298221666b8d605144ff0806a1320fd6b62d8156732823f6dfad5e43d08bbc

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4231368867473694915
tpc.googlesyndication.com/simgad/ Frame 5E26 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4231368867473694915?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlxMO0hq-jpzw107_h3xLjrO6iU3g
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdcb1081fe2c34558a32943d3c269d8e60eb28a2b25469d6d2c7b6b76bd70316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 00:12:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 12:14:25 GMT
server
sffe
age
530373
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23911
x-xss-protection
0
expires
Thu, 21 Apr 2022 00:12:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5E26 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options
nosniff
server
cafe
age
84789
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 27 Apr 2021 03:59:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5E26 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options
nosniff
server
cafe
age
80908
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 27 Apr 2021 05:03:57 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5E26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmU4JyYWHYK6jJsTYgAfZ7LpQgYTH51uvw_GakQ3Gw-zovhYQASDY6rYgYOnkyYXYGqABoIGzwwPIAQKpAoG9O9s7R7Q-4AIAqAMByAMIqgTmAU_Qm25GvoDS6WDw4yfFdlzKG5gTw-2NaAy1dPq10N3f6HFfzIReikT4C7EHiNXo5WtfgxYE3lLNXTjRdwtdACtWNPwKXhsztWoLoeXpkJ98sIDKIStYfKDEoyDhQGAtamHq9lPXnZmw2kKffwqeCyyGSWGUpG3b_K70-lW6e_2wapVRfwsJAmq9WzHFplV_zLDgQu5ecU-Yb5lDoj_npqEg568HhFIKuGmGUzf2mmvOdyHh9CzG-On8jS1otjNjQ_Xydur0OJ8xB7u5W6mKjBCHlrwRpYUZ51GMyEKKC-EoyE_uDD6PwAT8p-Oh0AHgBAGSBQQIBBgBkgUECAUYBKAGAoAHoPbYPagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCAiwnSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgxMzU4OTkxNTk0OTc2NDaACgPICwHYEw2yFxoKGAgAEhRwdWItNjg5NzkwMjE5MTcxNDgzMw&sigh=FDm2qV5jGL4
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5E26
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Apr 2021 03:32:25 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022103020108001/ Frame 139F 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e5ac641a594d3e75dafa96f0ef3ce4cac642ecb3311698461beefc164e0f81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
541209
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55149
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 21:12:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"28692e13adbc87cf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 21:12:17 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 139F 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
403949
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Thu, 22 Apr 2021 11:19:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 11:19:57 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 139F 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
363095
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Thu, 22 Apr 2021 22:40:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 22:40:51 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 139F 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
388615
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Thu, 22 Apr 2021 15:35:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:35:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 139F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
538454
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 21:58:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 21:58:12 GMT
4231368867473694915
tpc.googlesyndication.com/simgad/ Frame 139F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4231368867473694915?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlxMO0hq-jpzw107_h3xLjrO6iU3g
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdcb1081fe2c34558a32943d3c269d8e60eb28a2b25469d6d2c7b6b76bd70316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 00:12:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 12:14:25 GMT
server
sffe
age
530374
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23911
x-xss-protection
0
expires
Thu, 21 Apr 2022 00:12:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 139F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options
nosniff
server
cafe
age
84790
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 27 Apr 2021 03:59:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 139F 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options
nosniff
server
cafe
age
80909
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 27 Apr 2021 05:03:57 GMT
truncated
/ Frame 139F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c78153d848c5cf5a168ee4b734d06a65f73ce06ca8089eff396dddb25987d0b

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame 139F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9kkOdwdSnNANtct0AB_AtLakr-X5OuwR-ZS48GkVG094f6pQsKNz2bBtq0iKCWoF4QaCkKPLEfNnrX2y094Mvsgz1XA
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 139F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrbFcyYWHYNbgJa3Z-gaJqYngBIGEx-dbr8PxmpENxsPs6L4WEAEg2Oq2IGDp5MmF2BqgAaCBs8MDyAECqQKBvTvbO0e0PuACAKgDAcgDCKoE5gFP0Es2pCLgWOzP7Ch0v6H9D0u8iR15Dgs38EEzJzthOuoa80sb9tn_u6D5ElwYQRO9ivQp5t9FYiUQ2u2M57BkJMDydxbGY918160LcRWZF1aRMLr_vw4wDWPQBGDi1x8NgH_C0ias3BifE-pmXDwNvfR3PXOw1JIjupfZSR_2MXojE49rfNLKhyqLhGyCW4w5TdykD8Q6cbVwsOC2y_zMYtEVsSRXsksAo2wpV0i-qpaMSWeDEuMrMeZFnwe7fsJYw1rwEFJfsJqNY0wmV1zUo9fU1SbUlF9wsMbv5ujPDD0zempb9MAE_KfjodAB4AQBkgUECAQYAZIFBAgFGASgBgKAB6D22D2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ-aMK0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTM1ODk5MTU5NDk3NjQ2gAoDyAsB2BMNshcaChgIABIUcHViLTY4OTc5MDIxOTE3MTQ4MzM&sigh=Rl5i3KvMMNI
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022103020108001/ Frame 2A14 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e5ac641a594d3e75dafa96f0ef3ce4cac642ecb3311698461beefc164e0f81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
541209
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55149
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 21:12:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"28692e13adbc87cf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 21:12:17 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 2A14 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
403949
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Thu, 22 Apr 2021 11:19:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 11:19:57 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 2A14 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
363095
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Thu, 22 Apr 2021 22:40:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 22:40:51 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 2A14 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
388615
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Thu, 22 Apr 2021 15:35:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:35:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022103020108001/v0/ Frame 2A14 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
538454
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Tue, 20 Apr 2021 21:58:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Apr 2022 21:58:12 GMT
4231368867473694915
tpc.googlesyndication.com/simgad/ Frame 2A14 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4231368867473694915?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlxMO0hq-jpzw107_h3xLjrO6iU3g
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdcb1081fe2c34558a32943d3c269d8e60eb28a2b25469d6d2c7b6b76bd70316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 00:12:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 12:14:25 GMT
server
sffe
age
530374
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23911
x-xss-protection
0
expires
Thu, 21 Apr 2022 00:12:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2A14 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options
nosniff
server
cafe
age
84790
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 27 Apr 2021 03:59:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2A14 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options
nosniff
server
cafe
age
80909
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 27 Apr 2021 05:03:57 GMT
truncated
/ Frame 2A14 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab407228533fb5b1037f4a497f4e6acf6a91196df97dc1dcb70a19d44bc55c1c

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame 2A14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyKrLuAShzgq0NTkjPs9Z6IsBf_hnjneyAgv1wBInuxRr91CSf3tqoGfoJwNeytXT0mzFORjMN80nBA6XGcKYCttq2Zw
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 2A14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRgHmyYWHYNfgJa3Z-gaJqYngBIGEx-dbr8PxmpENxsPs6L4WEAEg2Oq2IGDp5MmF2BqgAaCBs8MDyAECqQKBvTvbO0e0PuACAKgDAcgDCKoE6QFP0K_Gfl-HVGwd_hmuq-Z0Jb5QJsH4MFHQv2GBmcGbSvxdYNJ8DG_vW97lhVvkIoMnUXfpFOyMvn504sfK2EQ66sOK2OJfmOzEadaAi3q8MqEjNKh3FFuXYx2DRzjPOMqv4R7h_6gwk3m7rF2YHfew86li98Y8i8Ry1k7u_JZZjOXY7pK9u-vI10td0_jEha_J-_WaGBcpD4cO9JdWwWVJ2TQ12A9lVpXHumeQLO9aonAyZY72ERbAwqgo7-IcclgYtVfgzDxC9JN_iwFBwtlfMafy33ehAYt_RBSruj0JW1M09RcZia3LXsAE_KfjodAB4AQBkgUECAQYAZIFBAgFGASgBgKAB6D22D2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ_YkO0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04MTM1ODk5MTU5NDk3NjQ2gAoDyAsB2BMNshcaChgIABIUcHViLTY4OTc5MDIxOTE3MTQ4MzM&sigh=tIDc5Xykxy0
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 5E26 		0
331 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1619494346036&qqid=CO6rv8m-nfACFUQs4AodWbYOCg&rt=any.link.3.16.d.7.j.1.16wu.16t0~any.script.3.t.1.6.0.0.481.3ip~any.script.3.15.2.h.0.0.l88.l4w~any.script.3.13.1.h.0.0.197.16y~any.script.3.15.1.j.0.0.9xa.9u6~any.img.6.q.5.7.e.0.igx.ig7~any.img.6.r.0.b.0.0.1y6.1xi~any.img.6.l.1.6.0.0.8v.87~any.img.6.1h.1n.0.0.0.0.0&met.a4a=dcl.1~ol.~nvs.1619494345902~ini.1619494346037
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032104130153000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c07::78 New Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 139F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Apr 2021 03:32:26 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2A14
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.newser.com
URL: https://www.newser.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Apr 2021 03:32:26 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
4231368867473694915
tpc.googlesyndication.com/simgad/ Frame 139F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4231368867473694915?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlxMO0hq-jpzw107_h3xLjrO6iU3g
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdcb1081fe2c34558a32943d3c269d8e60eb28a2b25469d6d2c7b6b76bd70316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 00:12:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 12:14:25 GMT
server
sffe
age
530374
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23911
x-xss-protection
0
expires
Thu, 21 Apr 2022 00:12:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 139F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options
nosniff
server
cafe
age
84790
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 27 Apr 2021 03:59:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 139F 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options
nosniff
server
cafe
age
80909
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 27 Apr 2021 05:03:57 GMT
4231368867473694915
tpc.googlesyndication.com/simgad/ Frame 2A14 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4231368867473694915?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlxMO0hq-jpzw107_h3xLjrO6iU3g
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdcb1081fe2c34558a32943d3c269d8e60eb28a2b25469d6d2c7b6b76bd70316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 00:12:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 12:14:25 GMT
server
sffe
age
530374
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23911
x-xss-protection
0
expires
Thu, 21 Apr 2022 00:12:52 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2A14 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 03:59:16 GMT
x-content-type-options
nosniff
server
cafe
age
84790
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 27 Apr 2021 03:59:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2A14 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 05:03:57 GMT
x-content-type-options
nosniff
server
cafe
age
80909
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 27 Apr 2021 05:03:57 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.170.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-170-237.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Apr 2021 03:32:26 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
p
i.simpli.fi/ 		746 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp
Requested by
Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=3056&m=1&referrer=http://www.newser.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b3.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
03c7384b672af507615984849c1eb2bcdb1546d839f5b86516ace34cb0aa2119
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Tue, 27 Apr 2021 03:32:27 GMT
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
application/javascript; charset=UTF-8
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d4989e4d0cc241d9764dc77ed47c2d1e28da1e9c6335e37a3ca87f49334ce33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Apr 2021 03:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6956
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 139F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUx9IyjhK47Rl26YsHOf-j_XfxlCJt2XWZlE8CDpfIIWbLB88NmjvHixtLE-HYxZylHbIC3lgF9DozmzMqXRqwGhzLlXjTZhpJVr-g931uW458oKEcgplIkNATOw&sai=AMfl-YRXXmw5nQ4JjTcZd_O9XttGxaR4wuX5OkEmusUd0wBAtwO1iszVOtWHmJoLEGzjEGS_K7idc_0nCL1wo0hZYN6jWv4vdxHcwLym_GfamWGl5fpdkcVSxKbgflI&sig=Cg0ArKJSzNQmBZUFpq6NEAE&cid=CAASF-Ro6bqa0AVCsmSObLMX2sbEIq9tCG-i&id=ampim&o=561,55&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=160&tls=1160&g=100&h=100&tt=1160&r=v&avms=ampa&adk=1569744204
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 27 Apr 2021 03:32:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2A14 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4Yr3GV5Am232C5a6FPvQuBr7Oppre_fU70MhD-DSQLH11kKqpEfIQFpp22mx3XPQ9GjKz-rBxmLZ7Ga7Iu0sm9iblRObzmudF1vyPmtZXEXJHxY0513UP1IbzPg&sai=AMfl-YRfM3xYUIiJTjl79id86OXK4qNtQ52P3BFViEXF9s6qVLwzYt9Q2ESkRJq_5Y4UkESOsMiinsrgecKl3Db_ftrIr44E2mFgcV2-Am7OqKk71q96bBMZw8kK90g&sig=Cg0ArKJSzCreYOyYLupHEAE&cid=CAASF-RoWUmFKILati25KcdflOPoU70QL55b&id=ampim&o=315,684&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=131&tls=1131&g=100&h=100&tt=1131&r=v&avms=ampa&adk=1045808715
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=FA568737D7F04A39A9BA953054430ECC
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=FA568737D7F04A39A9BA953054430ECC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:7659:1bf:d736:fba9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://simplifi.partners.tremorhub.com/sync?UISF=FA568737D7F04A39A9BA953054430ECC
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 26 Apr 2021 03:32:27 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=FA568737D7F04A39A9BA953054430ECC
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FA568737D7F04A39A9BA953054430ECC
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FA568737D7F04A39A9BA953054430ECC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Tue, 27 Apr 2021 03:32:27 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=FA568737D7F04A39A9BA953054430ECC
alt-svc
clear
content-length
0
aa_px
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=FA568737D7F04A39A9BA953054430ECC
  • https://d.agkn.com/pixel/10751/?che=1619494347&ip=37.120.211.132&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164851003769000035736
  • https://um.simpli.fi/aa_px?sk=164851003769000035736
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/aa_px?sk=164851003769000035736
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 26 Apr 2021 03:32:27 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:27 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://um.simpli.fi/aa_px?sk=164851003769000035736
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
nexage
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/nexage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 26 Apr 2021 03:32:27 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FA568737D7F04A39A9BA953054430ECC
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FA568737D7F04A39A9BA953054430ECC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-41.mad50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=FA568737D7F04A39A9BA953054430ECC
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 26 Apr 2021 03:32:27 GMT
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 26 Apr 2021 03:32:27 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 26 Apr 2021 03:32:27 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=FA568737D7F04A39A9BA953054430ECC;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=FA568737D7F04A39A9BA953054430ECC;mimetype=img;sr
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=1783047598138805888
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=1783047598138805888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-41.mad50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:27 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=1783047598138805888
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=FA568737D7F04A39A9BA953054430ECC&j=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=FA568737D7F04A39A9BA953054430ECC&j=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=FA568737D7F04A39A9BA953054430ECC&j=0
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 26 Apr 2021 03:32:27 GMT
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 26 Apr 2021 03:32:27 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=FA568737D7F04A39A9BA953054430ECC
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=FA568737D7F04A39A9BA953054430ECC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.41.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-41-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 27 Apr 2021 03:32:27 GMT

Redirect headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.bfmio.com/sync?pid=141&uid=FA568737D7F04A39A9BA953054430ECC
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 26 Apr 2021 03:32:27 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=FA568737D7F04A39A9BA953054430ECC
62 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=FA568737D7F04A39A9BA953054430ECC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-241.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:27 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
7d7f
Content-Type
image/gif

Redirect headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://stags.bluekai.com/site/29931?id=FA568737D7F04A39A9BA953054430ECC
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 26 Apr 2021 03:32:27 GMT
tpid=FA568737D7F04A39A9BA953054430ECC
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=FA568737D7F04A39A9BA953054430ECC
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FA568737D7F04A39A9BA953054430ECC
49 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FA568737D7F04A39A9BA953054430ECC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.130.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:33 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.106
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:29 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=FA568737D7F04A39A9BA953054430ECC
cache-control
no-cache
x-server
10.45.25.106
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=FA568737D7F04A39A9BA953054430ECC
  • https://ce.lijit.com/merge?pid=2&3pid=FA568737D7F04A39A9BA953054430ECC&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=FA568737D7F04A39A9BA953054430ECC&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:27 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:27 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=FA568737D7F04A39A9BA953054430ECC&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=FA568737D7F04A39A9BA953054430ECC
0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=FA568737D7F04A39A9BA953054430ECC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://idsync.rlcdn.com/419566.gif?partner_uid=FA568737D7F04A39A9BA953054430ECC
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 26 Apr 2021 03:32:27 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1619494347262&cv=7&fst=1619494347262&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=324453725&cv=7&fst=1619494347262&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=324453725&cv=7&fst=1619494347262&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=324453725&cv=7&fst=1619494347262&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=324453725&cv=7&fst=1619494347262&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=y4WHYJT9FZ6j7_UPmqWL4AQ&cid=CAQSKQCNIrLMwIp2qXiQjrdo_cVUZpAF8TsUAn-6zkN6GR2z5Uhem86FUsvW&random=1091364514&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=324453725&cv=7&fst=1619494347262&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=y4WHYJT9FZ6j7_UPmqWL4AQ&cid=CAQSKQCNIrLMwIp2qXiQjrdo_cVUZpAF8TsUAn-6zkN6GR2z5Uhem86FUsvW&random=1091364514&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=FA568737D7F04A39A9BA953054430ECC
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=FA568737D7F04A39A9BA953054430ECC&__user_check__=1&sync_id=3094924e-a709-11eb-b0ad-155da6fd0106
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=FA568737D7F04A39A9BA953054430ECC&__user_check__=1&sync_id=3094924e-a709-11eb-b0ad-155da6fd0106
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:27 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
70
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 27 Apr 2021 03:32:27 GMT
Server
nginx
Location
/partner?adv_id=7797&uid=FA568737D7F04A39A9BA953054430ECC&__user_check__=1&sync_id=3094924e-a709-11eb-b0ad-155da6fd0106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
91
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=FA568737D7F04A39A9BA953054430ECC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=66&code=FA568737D7F04A39A9BA953054430ECC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:27 GMT
X-Proxy-Origin
37.120.211.132; 37.120.211.132; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid
77ddfeb0-ae7c-4bb9-b479-1e049f4ecc25
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://ib.adnxs.com/setuid?entity=66&code=FA568737D7F04A39A9BA953054430ECC
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 26 Apr 2021 03:32:27 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FA568737D7F04A39A9BA953054430ECC&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FA568737D7F04A39A9BA953054430ECC&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=FA568737D7F04A39A9BA953054430ECC&expires=365
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 26 Apr 2021 03:32:27 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=FA568737D7F04A39A9BA953054430ECC
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=FA568737D7F04A39A9BA953054430ECC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:27 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=FA568737D7F04A39A9BA953054430ECC
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Mon, 26 Apr 2021 03:32:27 GMT
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEBp2Qo3XPD-N6RIUzDB6Rdc&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FA568737D7F04A39A9BA953054430ECC
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 26 Apr 2021 03:32:27 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://um.simpli.fi/g_match?id=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9FD6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 26 Apr 2021 22:16:43 GMT
expires
Tue, 26 Apr 2022 22:16:43 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
18944
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 9FD6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 20:36:28 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
24959
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Tue, 26 Apr 2022 20:36:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=984185828549369&bg=!V1SlVBDNAAZUuIlwVLg7ACkAdvg8WqG5lQivD8XiV8ldb65WdDYEfGXpzRQJkuTPtNHbcmWhzbClQgIAAABkUgAAAAloAQcKACCat9Am3L8akgsBmKkOmCJRD9qHl1m3PwpLcbwMEbLBJZkCFPxVczEML3nvB9b5ef4AlvX8yrCYHXqfiVsxyNefo7pxW35wx3lv7HuBNmINn42La3VGqBrpKvaxk6FX0Pa_htlkWXSJ7lLDar06CzJEVOCY4rU5PqNSls_Sz7CzH_zssz8SHF4_-OOZU604QRbkh7n2xVHAW3xwSWcl3j1rodll47uExfKbrH0LeLk1fC94ERsLw4pse7PgKK8oHmsIaFJoDhixuXiIUesG44gjAm5T1Lqaf6nRcjIQoHM3Mos7myLrF0Aroa3S6XCSTkDCY6gijggtPCZgIqp0bAgQ_AdrsA91iLyef9o9bIIKxj1dqVXS-6A_nzb5D6mlmDbcy__QMmojX6QPL5usF8NmscN7O6RnaLOEGreWXasdn9xDvCXrc1QKPrnbVOUUKuJL7L3XEipvid-8MibWaiT5e7BSV4brFLeIhjt7VJs4TAPMbh0tNOEHODwxd7U9bjD3bw08FUiIiPTf1XfSaw0Bt70sqcaWYKaw93Q6kgjhK6OHimSnw94IYNKdgACTyH8VGjIqugCf3J_MBCezUMqkkDoHtqS2X0iPNy3M9VrDp1HpVGA1dIew0oN40nIDUnyWkfs9p6GmoJUBQ-X2Yetjl11d9--IiZnEm-UucfsGumxO_wW32i_gWMnzEjXFwJStHq90nbxeyBT1aKROYo0X7zXSFQCMX4fohAnHHWRIZTbs67Zpfnc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame ACD1 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

Server
nginx/1.13.10
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Wed, 27 Apr 2022 03:32:29 GMT
Date
Tue, 27 Apr 2021 03:32:29 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 9871 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Tue, 27 Apr 2021 03:32:29 GMT
Connection
keep-alive
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 68D0 		332 B
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1619494342527&secure=true&version=9&mobile=false&title=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&url=https%3A%2F%2Fwww.newser.com%2F
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.15.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
dcdd298c3cc61adb49700ead4da02f60b10cab0a1df4888019d121a02e3b275c

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-120&buster=1619494342527&secure=true&version=9&mobile=false&title=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&url=https%3A%2F%2Fwww.newser.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

date
Tue, 27 Apr 2021 03:32:29 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"14c-ox8oPFrHKR2sNnUKayj3lhejm5I"
index.html
cdn.districtm.io/ids/ Frame 4AAB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

date
Tue, 27 Apr 2021 03:32:29 GMT
set-cookie
__cfduid=df465f324dd028230bfd510b49a8ee00f1619494349; expires=Thu, 27-May-21 03:32:29 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
09b2fbc10600004c0db12f2000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6464fbe1a9b34c0d-AMS
Cookie set check.html
biddr.brealtime.com/ Frame 5DF4 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

Date
Tue, 27 Apr 2021 03:32:29 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dd2c83cd8abfaa533d6800beb543fe60b1619494349; expires=Thu, 27-May-21 03:32:29 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
TbU7+yzfDH91yM7VEhnmJ9E9h3lSNIMTdpc6Bvd6SS2kV+U2BANWAwb92QDmUbs8n2XpkbFT7eo=
x-amz-request-id
6ABKPVGKJW10GS23
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2495
Expires
Tue, 27 Apr 2021 03:33:29 GMT
Cache-Control
public, max-age=60
cf-request-id
09b2fbc10800000b3fe83c4000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6464fbe1ab9b0b3f-AMS
Content-Encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 4B59
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c2c11fc3b53a5def31091b52939877d6051161be65f7c614d2a57b9c73355974

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YIeFzbHLhFuPJgdDdZtULQAA; CMPS=1178
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|39|230|241|188|221|57|64
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1603
Expires
Tue, 27 Apr 2021 03:32:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:29 GMT
Connection
keep-alive
Set-Cookie
CMID=YIeFzbHLhFuPJgdDdZtULQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 27 Apr 2022 03:32:29 GMT CMPS=1178;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 26 Jul 2021 03:32:29 GMT CMPRO=1205;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 26 Jul 2021 03:32:29 GMT CMST=YIeFzWCHhc0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 28 Apr 2021 03:32:29 GMT CMRUM3=40608785cd05a0&e6608785cd27600&f1608785cd05a0&bc608785cd05a00&27608785cd0b40&dd608785cd27600&2d608785cd05a0&39608785cd05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 27 Apr 2022 03:32:29 GMT

Redirect headers

Server
Apache
Content-Length
337
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 27 Apr 2021 03:32:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:29 GMT
Connection
keep-alive
Set-Cookie
CMID=YIeFzbHLhFuPJgdDdZtULQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 27 Apr 2022 03:32:29 GMT CMPS=1178;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 26 Jul 2021 03:32:29 GMT
bounce
secure.adnxs.com/ Frame ACD1
Redirect Chain
  • https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
  • https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
0
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:29 GMT
X-Proxy-Origin
37.120.211.132; 37.120.211.132; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.8:80
AN-X-Request-Uuid
d53f30da-da48-4378-ba7f-cfc0129560d8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:29 GMT
X-Proxy-Origin
37.120.211.132; 37.120.211.132; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid
3ebcbbcb-4c9a-420b-9ebe-b0f1e4ce5644
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4B59
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIeFzbHLhFuPJgdDdZtULQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL2ksIdCtBTwwTq2jItzN74&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL2ksIdCtBTwwTq2jItzN74&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 27 Apr 2021 03:32:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL2ksIdCtBTwwTq2jItzN74&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4B59 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YIeFzbHLhFuPJgdDdZtULQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.11.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 4B59
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIeFzbHLhFuPJgdDdZtULQAABLUAAAAB
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YIeFzbHLhFuPJgdDdZtULQAABLUAAAAB&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKa8y7fJt8axwzx_OTbccHM&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKa8y7fJt8axwzx_OTbccHM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 27 Apr 2021 03:32:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKa8y7fJt8axwzx_OTbccHM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4B59
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIeFzbHLhFuPJgdDdZtULQAABLUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIeFzbHLhFuPJgdDdZtULQAABLUAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIeFzbHLhFuPJgdDdZtULQAABLUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:29 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:29 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIeFzbHLhFuPJgdDdZtULQAABLUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 4B59 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.163.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
tpid=YIeFzbHLhFuPJgdDdZtULQAA%261205
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 4B59
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YIeFzbHLhFuPJgdDdZtULQAA%261205
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YIeFzbHLhFuPJgdDdZtULQAA%261205
0
0
crum
dsum-sec.casalemedia.com/ Frame 4B59
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739026286350479
43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739026286350479
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 27 Apr 2021 03:32:29 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=875739026286350479
Date
Tue, 27 Apr 2021 03:32:29 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 4B59
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622086349
43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622086349
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 27 Apr 2021 03:32:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:28 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1622086349
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4B59 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YIeFzbHLhFuPJgdDdZtULQAA%261205
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.newser.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:29 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1414
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 27 Apr 2021 03:56:03 GMT
quant.js
secure.quantserve.com/ Frame 68D0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1619494342527&secure=true&version=9&mobile=false&title=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&url=https%3A%2F%2Fwww.newser.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:29 GMT
content-encoding
gzip
etag
"9iaPKZLFg6XYoMRMhilE8g=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 04 May 2021 03:32:29 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame 68D0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=6a29a4ac-32c1-4184-a96e-95744166ca2c
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=6a29a4ac-32c1-4184-a96e-95744166ca2c
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1619494342527&secure=true&version=9&mobile=false&title=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&url=https%3A%2F%2Fwww.newser.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.15.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:29 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=6a29a4ac-32c1-4184-a96e-95744166ca2c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
rules-p-8p-p7hkcWNjJm.js
rules.quantcount.com/ Frame 68D0 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-8p-p7hkcWNjJm.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 12:53:40 GMT
via
1.1 e5774f09cc2ae0875c0445786827ad1b.cloudfront.net (CloudFront)
age
52730
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:14:17 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-amz-cf-id
sPOfXFuE5Z_ssyajoFdzLUlzOtVunD82qWX3St27TVAy4J6UHpKI8A==
pixel;r=659584416;labels=property.5f4e89f15abbca000788396e;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1619494342527%26secure%3Dtr...
pixel.quantserve.com/ Frame 68D0 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=659584416;labels=property.5f4e89f15abbca000788396e;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-120%26buster%3D1619494342527%26secure%3Dtrue%26version%3D9%26mobile%3Dfalse%26title%3DNewser%2520%257C%2520Headline%2520News%2520Summaries%252C%2520World%2520News%252C%2520and%2520Breaking%2520News%26url%3Dhttps%253A%252F%252Fwww.newser.com%252F;ref=https%3A%2F%2Fwww.newser.com%2F;uht=2;fpan=1;fpa=P0-942319548-1619494349377;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;d=mantodea.mantisadnetwork.com;je=0;sr=1600x1200x24;dst=1;et=1619494349377;tzo=-120;ogl=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-120&buster=1619494342527&secure=true&version=9&mobile=false&title=Newser%20%7C%20Headline%20News%20Summaries%2C%20World%20News%2C%20and%20Breaking%20News&url=https%3A%2F%2Fwww.newser.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 378A 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=abugyvh1619494342793
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.127.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0d8bcd89148e12d3d09e89da17fb6349af8c4bbee7427f91fd56a59d5e72a872

Request headers

:method
GET
:authority
pre.ads.justpremium.com
:scheme
https
:path
/v/1.0/t/sync?_c=abugyvh1619494342793
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

date
Tue, 27 Apr 2021 03:32:30 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1183 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=158558
Expires
Wed, 28 Apr 2021 23:35:08 GMT
Date
Tue, 27 Apr 2021 03:32:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 31DF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Apr 2021 03:32:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
sync.teads.tv/ Frame F113 		153 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?gdprIab=%7B%22status%22%3A12%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

content-type
text/html; charset=UTF-8
server
akka-http/10.2.3
content-length
153
expires
Tue, 27 Apr 2021 03:32:30 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
set-cookie
tt_bluekai=; Expires=Wed, 28 Apr 2021 03:32:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Wed, 28 Apr 2021 03:32:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Wed, 28 Apr 2021 03:32:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Wed, 28 Apr 2021 03:32:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Wed, 28 Apr 2021 03:32:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Wed, 28 Apr 2021 03:32:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Wed, 28 Apr 2021 03:32:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Wed, 28 Apr 2021 03:32:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Wed, 28 Apr 2021 03:32:30 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None
sync
eb2.3lift.com/ Frame 4502
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.65.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-65-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1672a0f3dfa1dbbaaeac0f999d849556f4074500ddfde1e20ad9640d6c41b04d

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=2621978583795645161
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

date
Tue, 27 Apr 2021 03:32:30 GMT
content-type
text/html; charset=utf-8
content-length
476
set-cookie
sync=CgoIgQIQwN-Ki5EvCgoIkQIQwN-Ki5EvCgoI4gEQwN-Ki5EvCgoIkgIQwN-Ki5EvCgoI5gEQwN-Ki5EvCgoIhwIQwN-Ki5EvCgkIOhDA34qLkS8KCQgLEMDfiouRLwoJCF8QwN-Ki5EvCgkIHxDA34qLkS8=; Max-Age=7776000; Expires=Mon, 26 Jul 2021 03:32:30 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=2621978583795645161; Max-Age=7776000; Expires=Mon, 26 Jul 2021 03:32:30 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Tue, 27 Apr 2021 03:32:30 GMT
content-length
0
set-cookie
tluid=2621978583795645161; Max-Age=7776000; Expires=Mon, 26 Jul 2021 03:32:30 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame 31DF 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9806
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9242
Expires
Tue, 27 Apr 2021 06:15:56 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1183 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=2059282&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
579748b8db43302d9a159abfebf41bf6f9e17d1ae5819412c120b5922af4ae1b

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:29 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
khaos.jpg
token.rubiconproject.com/ Frame 31DF 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
usersync.aspx
dis.criteo.com/dis/ Frame F322 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Tue, 27 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1283
date
Tue, 27 Apr 2021 03:32:30 GMT
content-length
43
pubmatic
d5p.de17a.com/getuid/ Frame ADBB 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.169 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-169.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1183
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DQcnBDw8TOarLBX3C7SEsA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=77819
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Wed, 28 Apr 2021 01:09:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1183 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6464fbecacb1d6cd-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09b2fbc7ec0000d6cda0346000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 1183
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
frontend-id
6
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 1183
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&addseg=21
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&addseg=21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:31 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Tue, 27 Apr 2021 03:32:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&addseg=21
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 1183
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEQwNzI3MDQtM0MzQy00Q0U2LUFCMkMtMTVGNzBCQjQ4NEIw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:31 GMT
X-lat
lhrpug008:0:300
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1183
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFYIb4P6drpkxWNYeGqKU4k&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFYIb4P6drpkxWNYeGqKU4k&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:31 GMT
X-lat
lhrpug011:0:435
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFYIb4P6drpkxWNYeGqKU4k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1183 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 26 Apr 2021 03:32:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1183
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:22286087-85ce-4700-b23f-e537115f5715&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:22286087-85ce-4700-b23f-e537115f5715&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:31 GMT
X-lat
lhrpug002:0:475
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Tue, 27 Apr 2021 03:32:30 GMT
Server
MT3 3660 495c301 master zrh-pixel-x2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:22286087-85ce-4700-b23f-e537115f5715&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 27 Apr 2021 03:32:29 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1183
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3996633480376740204
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3996633480376740204
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:31 GMT
X-lat
lhrpug014:0:374
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3996633480376740204
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 1183
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6a29a4ac-32c1-4184-a96e-95744166ca2c
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6a29a4ac-32c1-4184-a96e-95744166ca2c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:31 GMT
X-lat
lhrpug017:0:479
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6a29a4ac-32c1-4184-a96e-95744166ca2c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 1183
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4362628138997400124&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4362628138997400124&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:31 GMT
X-lat
lhrpug006:0:421
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:30 GMT
X-Proxy-Origin
37.120.211.132; 37.120.211.132; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.7:80
AN-X-Request-Uuid
b37d6b79-3fac-406e-85e3-8ee54c897112
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4362628138997400124&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
0D072704-3C3C-4CE6-AB2C-15F70BB484B0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1183 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0D072704-3C3C-4CE6-AB2C-15F70BB484B0?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1183
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0D072704-3C3C-4CE6-AB2C-15F70BB484B0&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0SqzvnZE2uVr5aDH0DvxPqJ7nWQFTHQ-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0SqzvnZE2uVr5aDH0DvxPqJ7nWQFTHQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:29 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 27 Apr 2021 03:32:30 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0SqzvnZE2uVr5aDH0DvxPqJ7nWQFTHQ-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1183
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=c647e42d-1250-4631-8c5e-1e4fe110bed2&ssp=pubmatic&user_group=1
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=366&expires=14&user_id=c647e42d-1250-4631-8c5e-1e4fe110bed2&ssp=pubmatic&user_group=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca99a85e-ff88-4b37-8e55-0f72b3c8a270&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca99a85e-ff88-4b37-8e55-0f72b3c8a270&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:31 GMT
X-lat
lhrpug004:0:463
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca99a85e-ff88-4b37-8e55-0f72b3c8a270&gdpr=&gdpr_consent=&gdpr_pd=
date
Tue, 27 Apr 2021 03:32:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 4502 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.11.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 4502
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJuNX0d-MRIw0UN4UlUuCO8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJuNX0d-MRIw0UN4UlUuCO8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.65.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-65-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJuNX0d-MRIw0UN4UlUuCO8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4502
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYyMTk3ODU4Mzc5NTY0NTE2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYyMTk3ODU4Mzc5NTY0NTE2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYyMTk3ODU4Mzc5NTY0NTE2MQ%3D%3D
date
Tue, 27 Apr 2021 03:32:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 4502 		42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2621978583795645161&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:30 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: F486678CC6DA4BAEBB7143533314CF08 Ref B: FRAEDGE1417 Ref C: 2021-04-27T03:32:30Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 4502
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2621978583795645161?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-VF5gsZZE2oT99bkQGq4reW_BtO.mt_q5kf9JC6EnLA--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-VF5gsZZE2oT99bkQGq4reW_BtO.mt_q5kf9JC6EnLA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.65.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-65-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 27 Apr 2021 03:32:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-VF5gsZZE2oT99bkQGq4reW_BtO.mt_q5kf9JC6EnLA--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4502
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4362628138997400124&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4362628138997400124&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.65.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-65-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:30 GMT
X-Proxy-Origin
37.120.211.132; 37.120.211.132; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid
35b959cc-5fbb-43a5-9029-e6ccc1bf8a2f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=4362628138997400124&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 4502
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2621978583795645161
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2621978583795645161&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2621978583795645161&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:30 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2621978583795645161&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4502
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.65.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-65-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 4502 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=2621978583795645161
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 4502 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=2621978583795645161
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usersync.html
cdn.undertone.com/js/ Frame B39D 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:5600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

content-type
text/html
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
server
AmazonS3
content-encoding
gzip
date
Tue, 27 Apr 2021 02:12:05 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 52523006e1ee5c08eea6e9267e18fabf.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
18fJftILlag4RK28rfwxXeQiUR9TxqL3hY4RG3A3Ms884Ro0DSOYzA==
age
4828
sync_iframe
sync.bfmio.com/ Frame F453 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.41.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-41-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2481 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newser.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_466=16530-ca99a85e-ff88-4b37-8e55-0f72b3c8a270; PugT=1619494351; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=158557
Expires
Wed, 28 Apr 2021 23:35:08 GMT
Date
Tue, 27 Apr 2021 03:32:31 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame BBE2
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
1007 B
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
6d155e5eff7fc3cfd3e3707287c42586133a71d101fd32477752f271db348523

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=12eada43-bc4a-008a-274b-2a0642c49afb|1619494351
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=12eada43-bc4a-008a-274b-2a0642c49afb|1619494351; Version=1; Expires=Wed, 27-Apr-2022 03:32:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619494351|mOgegqnskin0vNomiygu; Version=1; Expires=Wed, 12-May-2021 03:32:31 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 27 Apr 2021 03:32:31 GMT
content-type
text/html
content-length
547
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=12eada43-bc4a-008a-274b-2a0642c49afb|1619494351; Version=1; Expires=Wed, 27-Apr-2022 03:32:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
date
Tue, 27 Apr 2021 03:32:31 GMT
content-length
0
via
1.1 google
alt-svc
clear
v2
de.tynt.com/deb/ Frame E3B4 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aAb9LgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aAb9LgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

cache-control
max-age=86400
expires
Wed, 28 Apr 2021 03:32:32 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Tue, 27 Apr 2021 03:32:31 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
PugMaster
image6.pubmatic.com/AdServer/ Frame 2481 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=18305995&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8aee0c6c1b1d062d607cf441f7b6b1287e66e2f9c71e951be9c41a041a7503a9

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
5581835e-8561-ad34-4c4a-f41bd9b4644f
pr-bh.ybp.yahoo.com/sync/openx/ Frame BBE2 		43 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/5581835e-8561-ad34-4c4a-f41bd9b4644f?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BBE2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QbXWE2Ps1LBesE5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QbXWE2Ps1LBesE5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:31 GMT
Server
PingMatch/v2.0.30-645-g00be234#rel-ec2-master i-0836db39755ba9113@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=QbXWE2Ps1LBesE5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BBE2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=16122757-8bd9-4419-8bf2-3ed30e67139e&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=ca99a85e-ff88-4b37-8e55-0f72b3c8a270
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=ca99a85e-ff88-4b37-8e55-0f72b3c8a270
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=ca99a85e-ff88-4b37-8e55-0f72b3c8a270
date
Tue, 27 Apr 2021 03:32:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame BBE2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHcEswN0JEd3dBQUNzcnRRSjF1dw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:32 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BBE2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=20986087-85cf-4a00-9f6f-84600926b913
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=20986087-85cf-4a00-9f6f-84600926b913
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 27 Apr 2021 03:32:31 GMT
Server
MT3 3660 495c301 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=20986087-85cf-4a00-9f6f-84600926b913
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 27 Apr 2021 03:32:30 GMT
sd
us-u.openx.net/w/1.0/ Frame BBE2
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=tEQ_vrpBY7mvRDC-5xUq6uNHZuqvQWG45EUOK0x1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=tEQ_vrpBY7mvRDC-5xUq6uNHZuqvQWG45EUOK0x1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=tEQ_vrpBY7mvRDC-5xUq6uNHZuqvQWG45EUOK0x1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame BBE2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3714429003386952436
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3714429003386952436
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3714429003386952436
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame BBE2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c146e51a-15cd-3f7d-7d9d-e2ee26e3a906&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.11.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame BBE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWQyOTM2ZDAtZGNiYS02MWQ5LTY4N2QtYjg1N2VjMDE2NzY2
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWQyOTM2ZDAtZGNiYS02MWQ5LTY4N2QtYjg1N2VjMDE2NzY2&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWQyOTM2ZDAtZGNiYS02MWQ5LTY4N2QtYjg1N2VjMDE2NzY2&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWQyOTM2ZDAtZGNiYS02MWQ5LTY4N2QtYjg1N2VjMDE2NzY2&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BBE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOf9tH0KWjchgP6QwHqOsU&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOf9tH0KWjchgP6QwHqOsU&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOf9tH0KWjchgP6QwHqOsU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame B71B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Apr 2021 03:32:32 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Tue, 27 Apr 2021 03:32:32 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
getuidnb
ib.adnxs.com/ Frame B39D 		43 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:32 GMT
X-Proxy-Origin
37.120.211.132; 37.120.211.132; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.102:80
AN-X-Request-Uuid
84aecb6b-c916-47ec-aea3-fe04852ecf17
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame B39D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=8a2b823d-1562-031e-1718-fd29d14f8954
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=8a2b823d-1562-031e-1718-fd29d14f8954
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.143.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:32 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Tue, 27 Apr 2021 03:32:32 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=8a2b823d-1562-031e-1718-fd29d14f8954
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame B39D
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP33418bd1-a709-11eb-b653-0283ac77b496
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-RIhWlFtE2uEVPuENMoXOEmZVbgzHFu7b~A~UP33418bd1-a709-11eb-b653-0283ac77b496
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-RIhWlFtE2uEVPuENMoXOEmZVbgzHFu7b~A~UP33418bd1-a709-11eb-b653-0283ac77b496
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.143.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:32 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-RIhWlFtE2uEVPuENMoXOEmZVbgzHFu7b~A~UP33418bd1-a709-11eb-b653-0283ac77b496
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame B39D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=5ae81d0d-3d7e-4b6a-aeb7-93b50cf5becf&ttl=1622086352
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=5ae81d0d-3d7e-4b6a-aeb7-93b50cf5becf&ttl=1622086352
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.143.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:32 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=5ae81d0d-3d7e-4b6a-aeb7-93b50cf5becf&ttl=1622086352
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame B39D 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame B39D
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=5651f3b5ad495670b9e8afea73c65f3ac93e884f
0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=5651f3b5ad495670b9e8afea73c65f3ac93e884f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.143.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:32 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=5651f3b5ad495670b9e8afea73c65f3ac93e884f
Date
Tue, 27 Apr 2021 03:32:32 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Pug
image2.pubmatic.com/AdServer/ Frame 2481
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOW5SQF5u2eg5wiRHJB7_gs&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOW5SQF5u2eg5wiRHJB7_gs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
X-lat
lhrpug006:0:438
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOW5SQF5u2eg5wiRHJB7_gs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2481 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 26 Apr 2021 03:32:32 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 5DCD 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Tue, 27 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1473
date
Tue, 27 Apr 2021 03:32:31 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 2481
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8cbf6087-85cf-4300-85f2-0f86229f07b1&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8cbf6087-85cf-4300-85f2-0f86229f07b1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
X-lat
lhrpug018:0:260
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
Server
MT3 3660 495c301 master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:8cbf6087-85cf-4300-85f2-0f86229f07b1&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 27 Apr 2021 03:32:31 GMT
pubmatic
d5p.de17a.com/getuid/ Frame 562D 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.169 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-169.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 2481
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3979682817167768895
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3979682817167768895
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
X-lat
lhrpug015:0:440
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3979682817167768895
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2481
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69af026e-1af6-41a9-b4e0-8e7cf05e6fc1
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69af026e-1af6-41a9-b4e0-8e7cf05e6fc1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
X-lat
lhrpug013:0:324
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=69af026e-1af6-41a9-b4e0-8e7cf05e6fc1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 2481
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2983638079502412303&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2983638079502412303&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
X-lat
lhrpug015:0:388
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Tue, 27 Apr 2021 03:32:32 GMT
X-Proxy-Origin
37.120.211.132; 37.120.211.132; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid
79f4f960-b2a2-4a53-884f-a52f38853005
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2983638079502412303&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2481
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4UxGyPZlQk-95_q9QBWbag%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4UxGyPZlQk-95_q9QBWbag%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=77817
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Wed, 28 Apr 2021 01:09:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2481 		95 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=E14C46C8-F665-424F-BDE7-FABD40159B6A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6464fbf45b0dd6cd-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09b2fbccb20000d6cd55b81000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 2481
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E14C46C8-F665-424F-BDE7-FABD40159B6A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E14C46C8-F665-424F-BDE7-FABD40159B6A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E14C46C8-F665-424F-BDE7-FABD40159B6A&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:31 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:31 GMT
frontend-id
6
location
/pubmatic/1/info2?sType=sync&sExtCookieId=E14C46C8-F665-424F-BDE7-FABD40159B6A&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 2481
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E14C46C8-F665-424F-BDE7-FABD40159B6A&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E14C46C8-F665-424F-BDE7-FABD40159B6A&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E14C46C8-F665-424F-BDE7-FABD40159B6A&addseg=21
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E14C46C8-F665-424F-BDE7-FABD40159B6A&addseg=21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Tue, 27 Apr 2021 03:32:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E14C46C8-F665-424F-BDE7-FABD40159B6A&addseg=21
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 2481
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTE0QzQ2QzgtRjY2NS00MjRGLUJERTctRkFCRDQwMTU5QjZB&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTE0QzQ2QzgtRjY2NS00MjRGLUJERTctRkFCRDQwMTU5QjZB&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
X-lat
lhrpug020:0:348
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
E14C46C8-F665-424F-BDE7-FABD40159B6A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2481 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E14C46C8-F665-424F-BDE7-FABD40159B6A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2481
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E14C46C8-F665-424F-BDE7-FABD40159B6A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rf9hcGJE2uVYvudOCVEzZvC6uee44.M-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rf9hcGJE2uVYvudOCVEzZvC6uee44.M-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:31 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-rf9hcGJE2uVYvudOCVEzZvC6uee44.M-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 2481
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ums.acuityplatform.com/bum?tpid=29&uid=ca99a85e-ff88-4b37-8e55-0f72b3c8a270&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=575301050043&expires=30&user_group=1&ssp=Pubmatic
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=236&user_id=575301050043&expires=30&user_group=1&ssp=Pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.52.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 03:32:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://x.bidswitch.net/sync?dsp_id=236&user_id=575301050043&expires=30&user_group=1&ssp=Pubmatic
usync.js
eus.rubiconproject.com/ Frame B71B 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9804
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9242
Expires
Tue, 27 Apr 2021 06:15:56 GMT
khaos.jpg
token.rubiconproject.com/ Frame B71B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
SPug
simage4.pubmatic.com/AdServer/ Frame 1183 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Tue, 27 Apr 2021 03:32:32 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
v2
de.tynt.com/deb/ Frame 2E9D 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aQZNIebZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aQZNIebZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

cache-control
max-age=86400
expires
Wed, 28 Apr 2021 03:32:33 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Tue, 27 Apr 2021 03:32:33 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 109C 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aYM3dqbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aYM3dqbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

cache-control
max-age=86400
expires
Wed, 28 Apr 2021 03:32:33 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Tue, 27 Apr 2021 03:32:33 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 40B8 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aVbmTmbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aVbmTmbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

cache-control
max-age=86400
expires
Wed, 28 Apr 2021 03:32:33 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Tue, 27 Apr 2021 03:32:33 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 9629 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=auLbLMbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=auLbLMbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

cache-control
max-age=86400
expires
Wed, 28 Apr 2021 03:32:33 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Tue, 27 Apr 2021 03:32:32 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame B29B 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aIsVNgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aIsVNgbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

cache-control
max-age=86400
expires
Wed, 28 Apr 2021 03:32:33 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Tue, 27 Apr 2021 03:32:33 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
SPug
simage4.pubmatic.com/AdServer/ Frame 2481 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 03:32:33 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v2
de.tynt.com/deb/ Frame F5DF 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aMI2rSbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aMI2rSbZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

cache-control
max-age=86400
expires
Wed, 28 Apr 2021 03:32:34 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Tue, 27 Apr 2021 03:32:34 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 0A2F 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aEhRN6bZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method
GET
:authority
de.tynt.com
:scheme
https
:path
/deb/v2?m=xch&rt=html&id=aEhRN6bZKr64uoaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newser.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newser.com/

Response headers

cache-control
max-age=86400
expires
Wed, 28 Apr 2021 03:32:35 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Tue, 27 Apr 2021 03:32:34 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
ping
ping.chartbeat.net/ 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=newser.com&p=%2F&u=DQk-kTRci2MC7pUmB&d=newser.com&g=19359&g0=Home&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=2850&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1913&t=iGrB1BRWNicBnrZT6ggOICCZMjss&V=126&tz=-120&sn=2&sv=ZuPwKDDslXy6URyyBfrkOiBCisTc&sd=1&im=062b073f&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.67.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-67-161.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.newser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 03:32:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bids.proper.io
URL
https://bids.proper.io/api/bidding
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=345018&zone_id=1856232&size_id=15&alt_size_ids=2%2C9%2C10%3B2%2C9%2C10%3B2%3B2%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=d6b8bb3a-8834-4afe-ae8c-fd9ece5ae379%3B77a27c8d-0b3b-4489-a870-e68ec3095910%3B1f711cdb-f677-44ce-acd7-964cf4ba3638%3Ba144c26a-6cfe-492b-848b-c22e655ec17b%3B1b00a1a0-7cc2-4202-85c2-614c25f8d994&p_screen_res=1600x1200&tg_fl.eid=1856232-1%3B1856232-2%3B1856232-3%3B1856232-4%3B1856232-5&rf=https%3A%2F%2Fwww.newser.com%2F&x_source.pchain=proper.io%3Ae5961d07-eb92-11e9-a488-69e3386c7506&rp_schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&slots=5&rand=0.8595658553562961
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YIeFzbHLhFuPJgdDdZtULQAA%261205

Verdicts & Comments Add Verdict or Comment

642 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated number| _sf_startpt function| $ function| jQuery function| css_browser_selector number| rolloverTimeoutId number| readTimeout number| clearReadTimeout boolean| loaded boolean| ready boolean| showingRollover boolean| videoClickEventRecorded boolean| registerOpen boolean| isMobileDevice undefined| countdown boolean| isCountdownRunning boolean| ab string| browserWidthCode function| setLoaded function| setReady function| isEmpty function| IsPWAInstalled function| IsPWAStandalone function| IsPWA function| IsPWAURL function| IsMobile function| IsTablet function| IsDesktop function| IsMobilePWA function| IsTabletPWA function| IsDesktopPWA function| IsMobileNonPWA function| IsTabletNonPWA function| IsDesktopNonPWA function| isMobile function| dateAddMinutes function| dateDiffMinutes function| GetOSVersion function| GetBrowserVersion function| AjaxCall function| AjaxCallPost function| AjaxCallSync function| adjustVoteBoxes function| AjaxReplace function| AjaxUpdate function| AjaxUpdateAndRefresh function| ScrollTop function| GetMonthAbbreviation function| EmailAStoryShow function| EmailAStoryClose function| sendEmailStory function| sendEmailStorySuccess function| sendEmailStoryError function| ReportAStoryErrorShow function| ReportAStoryErrorClose function| ReportAStoryError function| ReportAStoryErrorSuccess function| ReportAStoryErrorError number| icurscroll number| qcurscroll object| toid number| pstatus number| pstatusQuote boolean| scrollVid boolean| scrollQuo boolean| scrollImg function| play function| pause function| playpause function| prevImage function| nextImage function| iScrollTo function| changeiScrollCount function| checkPrevNextImage number| icruscroll2 object| toid2 number| pstatus2 boolean| scrollImg2 function| play2 function| pause2 function| playpause2 function| prevImage2 function| nextImage2 function| iScrollTo2 function| changeiScrollCount2 function| checkPrevNextImage2 number| vcurscroll function| prevVideo function| nextVideo function| vScrollTo function| changeVideoCount function| checkPrevNextVideo function| playQuote function| pauseQuote function| playpauseQuote function| prevQuote function| nextQuote function| qScrollTo function| changeqScrollCount function| checkPrevNextQuote function| BuildAjaxURL function| StoryGetRows function| StoryGetRowsBuffer function| StoryGetRowsBufferCall function| StoryGetRowsBufferCallSuccess function| StoryGetRowsBufferCallError function| StoryAddToGrid function| StoryShowNBUFrontPage function| StoryShowLatest function| StoryShowPopular function| GridMainNavSelect function| ResetGridNav function| StoryShowLatestAll function| StoryShowLatestToday function| StoryShowLatestYesterday function| StoryShowLatestPickADate function| StoryShowPopularType function| StoryShowDate function| StoryReloadGrid function| StoryGetNewGrid function| StoryGetNewGridSuccess function| StoryGetNewGridError function| StoryNewGrid function| StoryStartAutorefresh function| StoryCancelAutorefresh function| StoryAutorefresh function| StoryAutorefreshSuccess function| StoryAutorefreshError function| StoryCheckAutorefresh function| StoryScrolledToTop function| StoryCheckAutorefreshScroll function| StoryViewHide function| StoryViewHideCalendar function| GetCalendarDate function| ChangeHardSoftSliderValue function| ConvertHardSoftValueToSliderValue function| ConvertSliderValueToHardSoftValue function| HardSoftLeft function| HardSoftRight function| HardSoftReset function| StoryHandleGridScroll function| Calendar function| calendarGoToDate function| calendarShowNextMonth function| calendarShowPrevMonth object| DYNIFS function| doPopup function| doPopupShow function| closePopup function| HoverScreen function| UnhoverScreen function| storyParagraphLinks number| actions function| carousel_itemLoadCallback function| carousel_initCallback object| addedItems function| carousel_itemAddCallback function| carousel_getItemHTML function| CheckForCarouselSameLink function| StoryCarouselNext function| CheckAdForRefresh function| HideSpinner function| wait function| initCarousel undefined| selectedMediaId object| imageIDs object| mediaCount boolean| playing number| timeout undefined| myCarousel number| largeMediaClicks function| stopError function| sizeThis function| initCarouselGallery function| initjCarouselGallery function| initMediaArray function| selectMedia function| goNextImage function| goPrevImage function| goPlayPause function| pauseLarge function| playLarge function| checkLoadLargeMediaAd function| showAd function| hideAd function| initVideoArray function| selectVideo function| goNextVideo function| goPrevVideo function| AnalyticsCustomEvent function| VideoAnalyticsCustomEvent function| closePromotion function| closePromotionSuccess function| NavMouseOver function| NavMouseOut function| SubMenu function| showSubMenu function| hideSubMenu function| hideOverlay function| CustomizeSettingsOpen function| CustomizeSettingsClose function| markStoryRead function| isRead function| ShowLightBox function| HideLightBox function| getPageSize function| ParseMessage function| mouseLeaves function| containsForMouseLeaves function| stringTrim function| getIEVersion function| trim function| renderSquareNew function| renderSquareNewStory function| renderSquare function| IsLoggedIn function| GetCookie function| ExtractCookieValue function| createCookie function| readCookie function| GetCurrentTime function| sleep function| sleep2 object| Mouse function| mouseMoveHandler object| PositionNew function| Slider function| ToggleMyAccount function| OpenRegister function| CloseRegister function| CloseShare function| YesNoToggleClick function| ShowWhatIsThis function| HideWhatIsThis function| ShowHelp function| HideHelp function| SizeShade function| GetComments function| GetCommentsSuccess function| GetCommentsError function| ReplaceInterrupter function| InterrupterCallbackSuccess function| InterrupterCallbackError function| ScrollToId function| refreshAd function| SubmitStoryTrack function| StoryImageGalleryMore function| ScrolledToTop function| LazyLoadImagesReady function| LazyLoadImagesScroll function| alignSkin function| AreCookiesEnabled function| GetCookieValue function| GetKeyValuePair function| NewsletterSignUp function| fb_click function| tw_click function| HeaderSearch function| ShowLogin function| ShowNewserSignUp function| ShowLoggedIn function| ShowMegaMenu function| HideOtherMegaMenus function| redirectToComments function| redirectToStory function| redirectToStoryMobile function| removeQuerystring function| BuildCarouselUrl function| GetCarouselCallSuccess function| GetCarouselCallError function| ConnectionsFacebookConnect function| ConnectionsFacebookConnectSuccess function| ConnectionsFacebookDisconnect function| ConnectionsFacebookDisconnectSuccess function| ConnectionsTwitterConnect function| LogIntoNewser function| ConnectWithFacebook function| LoginWithFacebook function| TwitterResponse function| Register function| vote function| votenew function| parseQueryString function| isIE function| checkEnter function| ScrollToViewMoreImages function| StoryMediaViewMore function| MediaGetDataSuccess function| MediaGetDataError function| MediaImageShrinkEnlarge function| MediaAllResize function| MediaMainResize function| MediaOtherResize function| MediaOtherLoad function| overrideRecaptcha function| CloseAppPromo function| UpdatePageMetaData function| VotingShowResults function| CloseActionBar function| MetricsAB function| OpenABPopup function| CloseABPopup function| ABSwap function| RefreshGoogleAd function| doPopupR function| MetricsABR function| ABPopupShow function| ABPopupClose function| RefreshAllAds function| RefreshAllGoogleAds function| RefreshAllProperMediaAds function| BuildNewProperMediaAds function| ResponsiveCheckSize function| debounce function| HomeSideBySideNavigate function| HomeSideBySideNavigateSuccess function| HomeSideBySideNavigateError function| ToggleNav function| ShowCopyURLMsg object| xDown object| yDown function| handleTouchStart function| handleTouchMove function| SwipeLeft function| SwipeRight boolean| IsPageVisible string| hidden string| visibilityChange function| handleVisibilityChange object| PageActivityTime function| myActivityMouseDownCheck function| myActivityTouchStartCheck function| myActivityKeyDownCheck function| myActivityScrollCheck function| myActivityMouseMoveCheck function| myActivityFocusCheck function| myActivityOnlineCheck function| myActivityResumeCheck function| MyActivity function| PageInactivitySeconds function| CheckForTopOfGridPage function| GetPageStoryIdIfNoPrev function| CheckForUpdatesStart function| CheckForUpdatesCancel function| CheckForUpdates function| CheckForUpdatesSuccess function| CheckForUpdatesError function| CheckForUpdatesDone function| ProcessUpdates function| UpdateInAppBadge function| RemoveInAppBadge function| SetInAppBadge function| FixTextForNativo function| RemoveNativo boolean| BeforeInstallPromptFired function| PresentAddToHome function| myAppInstalledEventHandler function| AppInstalledEventHandler boolean| PWAInstallFunctionRunning function| PWAInstall function| PWAInstallSuccess function| PWAInstallError function| PWAUninstall function| PWAUninstallSuccess function| PWAUninstallError function| PWAVisit function| PWAVisitSuccess function| PWAVisitError string| ip function| NewserLog function| FlushCachedPagesFromCache number| width number| height object| jscd object| twttr object| properSpecialOps string| PWAAdHide object| propertag object| _gaq object| _qevents string| NewserClassification boolean| loggedIn string| ajaxAdControl object| c object| theForm function| __doPostBack string| FBAPI function| fbAsyncInit boolean| _isMobile number| pageHeight number| pageWidth object| arrayPageSize object| addthis_config string| sitePageName object| calObj function| focusOn object| jQuery112408561170856682669 object| __twttrll object| __twttr function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| FB boolean| payload_loaded object| g367CB268B1094004A3689751E7AC568F undefined| g undefined| adscoreVerificationStatus undefined| freqms undefined| elapsed undefined| waitForAdscoreSignature function| UAParser number| storySectionId string| storyShowPopular string| storyPopularType number| storySiteId number| storyTagId number| storyUserId number| storyTagGroupId number| storyCategoryId number| storyChannelId string| storyType string| storyLinkStoryType string| storyDisplayAdSection string| storyLastRefreshDate string| storyFirstStoryPubDate number| storyRows number| storyCols number| storySquareWidth number| storySquareHeight number| storyHeight number| storyRowsToGetInitial number| storyRowsToGetScroll number| storyRowsTotal number| storyAutorefreshTime boolean| storyClickToScroll number| storyHardsoft boolean| storyShowGridLeaderboardAds boolean| storyShowGridMobileAds string| storyStoryView string| storyShowSimpleListView boolean| isUserGrid boolean| storyShowNBUFrontPage boolean| storyShowStats string| storyStartDate string| storyEndDate string| storyPickADate string| storyStoryId string| storyDoNotShowAds string| storyShowRolloversOverride string| storyURLSubfolder string| storyWebsite boolean| storyIsHeadlineTest string| storyShowGridRepeatingAds number| storyGridFirstAdLocation number| storyGridSubsequentAdLocation string| storyOnClickOverride string| storyGridPositioning boolean| storyIsMobile number| storyScrollcount boolean| storyLoadInProcess string| storyBuffer string| storyBufferMore boolean| storyBufferRetry number| storyAutofreshTimerId number| storyBufferCheckCount number| storyRowsInit number| storyScrollbarWidth string| storyLoading string| storyTitle boolean| PWAEnabled object| checkForUpdatesTimeOfLastCall object| checkForUpdatesTimeLastCallStarted object| checkForUpdatesCallXhr number| checkForUpdatesRefreshSeconds number| checkForUpdatesInactivitySeconds object| checkForUpdatesId number| checkForUpdatesInterrupterId undefined| SwipeEnabled string| pubcidCookie object| _comscore object| _sf_async_config object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| googletag function| proper_log function| proper_debug_console function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant object| TraceKit object| device string| SYNC_ENDPOINT string| NON_MEASURABLE string| ENDPOINT_TEST number| accountId function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| LazyLoadBindScroll object| sifi_att_42656 boolean| adBlockEnabled object| testAd object| ria function| PWAIPShow function| PWAIPInstall function| PWAIPClose function| PWAIPHide object| responsiveSize number| responsiveOldSize number| responsiveNewSize function| myResponsiveCheck object| Modernizr number| c_start number| c_end object| addthis_share object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY string| requestType boolean| edge string| bidder boolean| withCredentials function| proper_97b9efe7_355918fd_1 function| proper_4b7f05c4_3edc92a2_2 string| proper_ad_page_uuid string| proper_ad_session_uuid string| x function| proper_98c8fbf5_93024225_3 object| apstag number| __a function| udm_ object| ns_p object| COMSCORE boolean| __@@##MUH object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| _atw object| response boolean| apstagLOADED function| splitIndexSlots function| isSameSlot function| clearTargeting function| cygnus_index_judge function| cygnus_index_parse_res function| cygnus_index_set_targets function| cygnus_log function| index_render function| cygnus_copy function| getSlotInfo number| cygnus_tid object| index_slot_to_size object| index_slots_render object| index_slots_add function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options string| addthis_ssh object| __callbacks object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

19 Cookies

Domain/Path Name / Value
.newser.com/ Name: __asAB
Value: false
.newser.com/ Name: verizon_media_s2s_cookie
Value: y-z6gjY0FE2uFq2Z78LnhvUrDjiZCBRTKI~A
.newser.com/ Name: proper_tracker_cookie
Value: eyJwaWQiOiIiLCJiaWRkZXJzIjp7Il9fY2ZfYm0iOjEsInZlcml6b25fbWVkaWFfczJzIjoxLCJtZWRpYWdyaWQiOjF9LCJwcm9wZXJfdWlkIjoiNjk5YjFkYjItZTc3ZC00MjRkLTk4ZDctMDkxZDRjNmY2MjFhIn0=
.newser.com/ Name: properSessionData
Value: eyJ1dWlkIjoiNmQyMWU2YjEtMDMzZS00YTM1LTljODAtZmIwOWYxZGUwZGU2IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MC4wMDAzM30=
.newser.com/ Name: mediagrid_cookie
Value: 394c0077-63e1-443c-a271-99c34be98bcc
www.newser.com/ Name: AB
Value: N
www.newser.com/ Name: __atuvs
Value: 608785c664e9c7f9000
www.newser.com/ Name: _chartbeat2
Value: .1619494342737.1619494342737.1.ZuPwKDDslXy6URyyBfrkOiBCisTc.1
www.newser.com/ Name: _cb_ls
Value: 1
www.newser.com/ Name: __atuvc
Value: 1%7C17
.newser.com/ Name: __gads
Value: ID=4f20dce35f6cc4fd:T=1619494345:S=ALNI_MahFY4LLR2vFNPwOISwlLN1H1sNPg
www.newser.com/ Name: _cb
Value: DQk-kTRci2MC7pUmB
.newser.com/ Name: __qca
Value: P0-1542396880-1619494342508
.newser.com/ Name: __cf_bm_cookie
Value: 91e07941217ae3562dbbfed22caf489f37a1b315-1619494342-1800-AQtBcG1rXXw11kZgIiMHzZl9tCqQPHHGP7iuFfsuLtwW2ozFRgUWzRnWFSh1I5bx0TEz2+oawLIWdVUHYgdl9mwcy0yhd2WpdIGeLYdJQqHG
www.newser.com/ Name: _pubcid
Value: 699b1db2-e77d-424d-98d7-091d4c6f621a
www.newser.com/ Name: g36FastPopSessionRequestNumber
Value: 1
www.newser.com/ Name: USERCREDENTIALS
Value: EMAIL=&PASSWORD=&USERID=0&VISITORID=1454566181
www.newser.com/ Name: _cb_svref
Value: null
www.newser.com/ Name: ASP.NET_SessionId
Value: 0yjqj4kz5v3lzywm10dra5xj

11 Console Messages

Source Level URL
Text
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USPAPI workflow exceeded timeout threshold.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://www.newser.com/(Line 3556)
Message:
NewserConsolePWA: Service worker registered, scope: https://www.newser.com/
console-api info URL: https://cdn.ampproject.org/rtv/032104130153000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2104130153000 https://www.newser.com/
console-api info URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.newser.com/
console-api info URL: https://cdn.ampproject.org/rtv/022103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.newser.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6116d3d949bda88a13307fdab1f05e8d.safeframe.googlesyndication.com
aa.agkn.com
acdn.adnxs.com
ads.avct.cloud
ads.pubmatic.com
adservice.google.com
adservice.google.pl
apex.go.sonobi.com
api.ipify.org
as-sec.casalemedia.com
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
biddr.brealtime.com
bids.proper.io
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.ampproject.org
cdn.districtm.io
cdn.engine.4dsply.com
cdn.undertone.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
cs.admanmedia.com
csi.gstatic.com
d.agkn.com
d5p.de17a.com
de.tynt.com
dis.criteo.com
dmx.districtm.io
dsum-sec.casalemedia.com
eb.proper.io
eb2.3lift.com
ecs.mantisadnetwork.com
engine.4dsply.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
global.proper.io
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.simpli.fi
ib.3lift.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img1-azrcdn.newser.com
img2-azrcdn.newser.com
js-sec.indexww.com
load77.exelator.com
loadm.exelator.com
loadus.exelator.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prod.perf-serving.com
propermedia-d.openx.net
rddywd.com
rtb.adentifi.com
rules.quantcount.com
s.amazon-adsystem.com
s7.addthis.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
simplifi.partners.tremorhub.com
ssc.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.chartbeat.com
static1-azrcdn.newser.com
static2-azrcdn.newser.com
sync.bfmio.com
sync.intentiq.com
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
syndication.twitter.com
tag.1rx.io
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
usync.proper.io
v1.addthisedge.com
visitor.fiftyt.com
www.google.com
www.google.de
www.googleadservices.com
www.googleapis.com
www.newser.com
x.bidswitch.net
z.moatads.com
bcp.crwdcntrl.net
bids.proper.io
dmx.districtm.io
fastlane.rubiconproject.com
104.109.85.134
104.111.230.142
104.111.242.245
104.16.68.69
104.17.120.107
104.244.42.8
107.23.67.161
13.224.105.229
13.224.111.115
13.224.111.129
13.224.111.41
142.250.185.130
142.250.186.66
142.250.186.98
154.59.122.79
159.253.128.188
169.50.137.179
178.162.133.150
178.250.0.163
178.250.0.165
18.133.35.94
18.156.0.31
18.185.167.149
18.192.249.156
18.194.113.221
18.194.69.169
18.198.69.109
18.235.163.155
185.255.84.151
185.29.132.68
185.33.221.88
185.33.221.91
185.64.189.112
185.64.189.114
185.64.190.106
185.64.190.78
185.64.190.80
185.94.180.125
193.0.160.129
2.18.232.130
2.18.233.180
2.18.234.21
2.18.235.40
208.100.17.187
213.155.156.169
213.19.147.43
216.52.2.19
23.45.99.241
23.79.143.124
2404:6800:4008:c07::78
2600:1901:0:8eee::
2600:1f18:612b:4264:7659:1bf:d736:fba9
2600:9000:20c8:2600:6:44e3:f8c0:93a1
2600:9000:20c8:5600:1f:2473:9080:93a1
2600:9000:20c8:bc00:18:1fcd:34e:d2a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1957
2606:4700:3036::ac43:8a2c
2606:4700::6810:9e11
2606:4700::6811:4e22
2620:116:800d:21:36a9:ecb:e518:b308
2620:1ec:46::45
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:400f:808::2002
2a02:6ea0:c700::3
2a03:2880:f01c:8012:face:b00c:0:3
3.120.52.76
3.124.65.205
3.125.99.7
3.217.41.235
34.200.78.134
34.251.130.56
34.98.64.218
35.201.96.126
35.227.248.159
35.244.174.68
37.157.6.251
40.114.51.62
44.238.170.237
50.16.249.42
52.11.196.81
52.19.106.86
52.22.15.148
52.57.10.248
52.58.127.188
54.194.211.3
54.239.17.112
54.78.254.47
54.84.143.226
63.33.11.43
64.202.112.63
66.155.71.149
69.173.144.138
69.173.144.139
77.243.60.138
88.214.206.142
0192d287075be6b22531c8e15d8e3ca3a303396518536557a09f40e84e5d584f
029750e55d40a527dbad54f1549177179897188925979fe1ece2313a23367a1d
03ba788d90135720bb3de988a36b9b3daa6faa95f468f5479aebee777521bfac
03c7384b672af507615984849c1eb2bcdb1546d839f5b86516ace34cb0aa2119
0477aa148f76bfbc151ffc02256cf9fdf07062900a25f497367451a2826becd1
04db9ba63e8b2e34313c88ec6fc98d6a9eee164ebe9f5eeb8c2825ca49aaada3
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
064d8654685defd5adf0da7b8bf4e1adc8e618b6f0c659ff878637bf8f9d039a
06a6d1879723de25acf7c21ffeccd6681848492b2a27fb74b4604b7013d791b9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c19d9507a5e950ae4e3115a08e5213ad6daf7952e54fc1d89c7a60e3b966c49
0d8bcd89148e12d3d09e89da17fb6349af8c4bbee7427f91fd56a59d5e72a872
0ddfbb5f026dfa356e9a1d120238cc19a24357bfd0ea3e804dc4434e577b747b
0e4a39e51c9086a8c1269e62fa3009e8e7ccd9c7dae6cffb16c2ad043a7ffcd0
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fb220ece242f54bf46bcb59a9602502dbd8ba1104723a442ff1d990d66a463a
1126dae47147dee29ca9bffbbd45f3e609f7d38a2c17cd4f5c73283db4e6304a
11c5ae7818c4eef3cccc717044c2df12970161821533f840ead4b6830c703619
1345fd31c871f1be80924e6020298e182023f420b49e740bed5903748fc27546
167024cf618ce2102d66614f681c7ea9bff2282aa1e884f5a67a52b0ebbc5e34
1672a0f3dfa1dbbaaeac0f999d849556f4074500ddfde1e20ad9640d6c41b04d
16783388daf0273eb6bda42a99aae780c3fe81c6e8e61c6ae50cea216e1635de
170816441d7272a04cf05b1b30e1e974eb37fe1e274c3e55cfce80f8fed26c63
185b7539076b9f8d807c5740180aac4e2a4b3bc2912b4e9485950ccddb4cb39e
1934199df51551755f77a59d6993a98e332ad57c09ab22d30fafb727d92e4eb0
1a9e82fb3296a34675ecd884ac0553e91f7c15192d449a362b0589200a253922
1b0e64c0414d24d858093359df28f0aed5b479d81ddb895023030235e8b106e8
1d2f3e07f8f041675ea8aede8d4921e835bd3f5a4b29346382278a778c19edce
1ecf3f8d16e52e14d04ec472ecfe6c19ef00cae69e3c6c88b886167ce5da18a4
2060fd30e616b177eeeb39b585f797859762b09d30211e17f18a2c17ca7ae0b9
21349b60e999f29bb11fd1384e57ea43faf7bb39d7822e81c1e30de505663228
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046
26ee9a9c236e86e70c68334d39f1f97885852d2164f1d78547058bc201a61a17
287166cc33e02a62658f54cd6b8819c634038528f494e4b207398afa4dd6dc84
289369a25a6d90484adde55f7545ef7414dcc6ee72d9b0b97e297b5900f0dff9
2b1b006df6ed32ddde346ded031b193799b49756dca5592c010fcdf28fafd810
2b216ae0773d96f6149615501f6e4ceef7e0b8b958b81441b4d7d28347def4c6
2b291810374483e61126df23f32490a6f8a629062a6f00f0d10d7b52ed2a2762
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f76122813dc216562d9a6c2d82279ff460696b28f8f66042399a02cf93732ba
307c4cf0cec01251278a5201d04096f4b7afdb8ba2239801202adb1992c14ecb
309a404bed5b8f17ac61db5521315c644e665032d7455a8fe1257dea7d4ed161
31138ee0585c7fac8d3d8d5e6ea7da58b2861faa99b5c158e5196d84ebf170ab
316f775333e0567a2ea23141b96349652855962025964f0ba097c64c06fb639a
31c724707624a3682770d54e8b216f04db44eff6fefb8313d9178ef0f69a694b
31e2f8aab73e5ee6bc2d55665f92a5925a18250b023c5be1ade6db40eb9d7c95
33160f98cb94e69d42da9bd45304a5a1c6794ea508f78583da6d43357e4f3a9b
34235953596d4b6051210ee6bc406e9124a5453700f38c6af31bd3dc4142e538
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b
353f8e7ae070c63633823557b6e76affbf02c320490c2047bd64aa33cf258c13
354cd674accaa26badff834bcbb7487aa7f99930f19cd864d71e6359b6b3f346
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
383c5b8801aa54de5b4aa1318f2d96d800534a617f5fc94e1705ac48284de464
3b556e6cee32c4b0c80ef893fd00eaea90330b3a127a8dffecabbedaf6aba7c5
3d4989e4d0cc241d9764dc77ed47c2d1e28da1e9c6335e37a3ca87f49334ce33
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edf60a8deb752941a2130846b5b28efbcee2291cb158dc83cd0bef080204494
3ef8a126b3e5919caca2a4d5d25a4536531bb088e8059372b48f1a8bb307dfd0
3f9ebf128c9383c5fc8f3a73439f0e2dfb997f34318383e554b124e37c319c2e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
416c3cfe091f8651f25273e266d375cbf5043b98402d2f1e70812647b7c4922c
43209f80b4b955403fc1545c6af3de7f585dbae64883ea77e23742a0104e77b8
44da54fd69c8966482bc49d3744fff0a7fd944dc2dd5732d9f710da7df4329bf
475f1aa383cebeb0633dfd593febd323b24d6b807cf4faf3f0b2964cc3ec1217
47f3aa53726f114e819984f9d6586d99c9dd6f34bf4c0ddef49e520ca469d239
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49973d587bb6599fb515c7a66e51d5768b27aea54c5d88f9cf7cc05f05038224
49d2e25896e0c68d3052086de208da00190f5a34bf98ab90e4db9c53609a1458
4a1bcd9ccf66456d219727651e7b718f762e016e0187fb29471c6a2b4a0adba0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c100ba9f5980456a5269f689d0fd87674ca2f7918cec8db9e669ccab621da64
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4cbfdce0cb7fd1d77cd70c79569237936bbe07c8a9e3ed5ec602c156956cce4d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1b62b82b0828282cbc88d5f5d25a908ddbac873971969c6816d0b933825268
501ed6f37588ea4083347c8c1b9fd9bfbc560f8f9977aa2847749e0977063f6c
53730a7fbcb3223f91059fe2cb0ed31fc1a9280048fea7f62cd0f047c4c2d3d2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579748b8db43302d9a159abfebf41bf6f9e17d1ae5819412c120b5922af4ae1b
58b84b102eb26834d8a04db19b6422412ec1966d9771bffe48910b3f9cca280b
5c4d5240455912f3db70a530cca391ce041419baf9e63439056c136292d283da
5c78153d848c5cf5a168ee4b734d06a65f73ce06ca8089eff396dddb25987d0b
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5fea439b0d9f0bc1e58b8f90721c6951a196abb1303ef966ce507a59e8789dc9
606702c39482af62ec0c8321f1a2e7e2f46288767e685a2f37aeffae78bd5aa0
607ba5401803708cd7e7d54cb229467b42bcefa017c466d0290c2903989f9cec
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
65ca91ddfe4f791727d10f3f0c5f5dd576b2b5692fc90f971c1ee37489647f24
66e5ac641a594d3e75dafa96f0ef3ce4cac642ecb3311698461beefc164e0f81
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c3f5d30be5d98820b0bd02e38b4cc1ff1baa4f73070bd7fdbfa5f40c3d67cd1
6d155e5eff7fc3cfd3e3707287c42586133a71d101fd32477752f271db348523
6d6d162a89e32c126f5019cbd4143ddf6cc9fbf19858a3272ad6ad5ac2beae14
6e7b0bd65549bb16cd8d50d6dee97b2ad2920be364b7f677b53050913bd98881
6f94014e7f3634aaa24b7c42f84bbc32da785c6ad42fd229674be824922349e6
709fc1bd9711c9f0e3869006d61ebd264afd2fa4765eb2a26a8bd1e6ea617a68
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
718946526b87f61a2162d72d8ea19465df9c3b534dc862c43e4495d4d9a0151e
72986aa124ed922154919ff3eaf2e4cff2787b847cad1efd94c0c9e60a67782a
731224af03a86538e1bb908a3b7eccb1fc7d01cb2b48a5b85aaf0708f9618c5f
732c0eb58decb9ef12ccca85c18edd0a38d53ddcc347887605f596f575616f88
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
751026cf2fbef8b1adfdd961cc9e16dd130a85036b3351c1e8ad3c39e957cb9f
75f74b9b770de072bc736a48409864455d2b540889ea0709e5cf39ec49cbec5e
7bc29500273c93c58829591b68df2cd5b8885409f82654d852b5b9b65d18f7be
7cec802828fd9d25efc4611219c8748745117f5a51d4f76e4f9cfd85a428ce95
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
7fd516123bfc916ccb481369f2197baa283dfd4f7b9cd315c82689df2794bc3d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
8120c088cfc96df36a25b94981c27737c5f2cebcf6b8b84c354ae56f3747c5f9
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83860ee17d1e1cdbf26eeb3d0fd3a99f253fc29e6ef7db46eefe7c1694f361ed
83ebdc08a5acf19b6fae442cb84fc623e43b4733590200c7c60313e25f5d3570
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
870c196156856ec66eb4e1d7b376eca50e218883c93775524484b4fe4603f5ed
871a8f1084b6a27c4a67c854ba86e745d89be827f9bbc9057cbf3e535722cee1
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8ab9927032ea182992233db8ffaf6884a8bd2c1e82c562ea897a6e999fe516e8
8aee0c6c1b1d062d607cf441f7b6b1287e66e2f9c71e951be9c41a041a7503a9
8baae135666cde471d16426b7387541d4b900559275813859e2d296eee039192
8cbab7a7ca2f1f9862d729c22caa1552466d492590bc5aad9e959fb692f95f32
8d10dc2506db755b7b4745dd1529eb4a1d3441934de015b4152f8aa6900d6643
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e6eb1b23f149d1fe11392b8d0bf97a03ba5b37e8c05362f51255f4fa07ad537
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
95298221666b8d605144ff0806a1320fd6b62d8156732823f6dfad5e43d08bbc
97713bdf5d28e0a59afcd938da9709cd6a208dd4247c3d8586a8273b5f8e7ec3
98036e72abafeb029af5a7152de7e4208dfed9967376780233f308d8b56229fe
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
996d298d6f8685a3ae28eace9249e3580bb8d13d91d424573fefb40d52980269
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b4fa2eb85693ec78e58c89aafe35e5bf6f836e2abff841af4f80218263704a9
9b5e9c2eaadf06a925dd0d1b4359af54aab1f2b67469a75418b9a012862ee43c
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0
9efb83a33748dbaf580ec8fd537e73de9e430daa34ef4ab7acc4d00e385b3da2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08e0650554684721c60ca1f8b02a7b3827be0f1182587c2e2d5d2bfea46bcd2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e3f7f11e3feb97a1b577675fcb17fb87538d414dc5342c96975b2bd2c94b86
a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332
a177a125d7384bd51ee15e3454c488ac0f2ba22a452f9bc3a96e29d2df4aef1b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3942aea05f34d9aa17deb27766f216ce7bc0176e66b41518e5bdadb19400d67
a3e382c22c5c9e890e27e2a9541b0cc0b170fac7085b47a23dcbbe92e751c300
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a8ee66c0c6f908e4e7401f360fabae31eb615d388110e7ac52ab400b706d13a4
a907722d1ef1d5e3abcb0d7f95a9979f68509c859bcda5d1057c15f94fc2a55a
a9adbf9ff6cb67410da32776829c98497f78937808849c0c77c476ad5bf8c1a6
aa6da1ba932113bdc544473ad650d8c40a0debab6bba568ee615fc314c44e28b
ab407228533fb5b1037f4a497f4e6acf6a91196df97dc1dcb70a19d44bc55c1c
ab5230a4075b4634fe7797d78cb60efb4c435e292dcba5b3e0de8541eb37d817
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad9e5210a13805edc2cc2874d7ffa326b907e9c6d0c212071798944a1dd9ffae
b02060f85d40d27d1e45d85293d66a1ebf101186d1528740ec493241ac0d7d74
b049d25f231e1d60f65462b791028506d5185d20eadcf9e3c0741dad6760aff7
b0c7916138a9a0e57dfb6d01f0e83d6afb87ab8def5f862259164fea4f0aebd3
b141d1ed2adea27c209c5a4ac35ea4f98c138e38b182932b1e8357304d9a5615
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3881f9d6871daa8f824a01fbe2c98801069d74239ca90646d6fd380fbc89263
b6c7f8d94cedfa8e0406e096f4e89e79ba3b55ba517864bb47dab369959f8949
ba7a42fab7088ac9920a53854c26008e23e33a5a95103b316008a2e3b9120f3f
bafefa2743a428a26fcda668f87197498ca166c6eabe4ae443ef0d627c3dd8e1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb759faf67697ba0b5359e9574f85b1fe60574b6d96fce3df6eaf102501b107c
bbfcf92c6c94d918c51be1bdf1f14098db1c7454b2f025fb7d2eed08d8d84703
bcf518d2c7ee87a0a0885243f3eb453cd15507b7e724670c2a0bef6775ece0a4
bdcb1081fe2c34558a32943d3c269d8e60eb28a2b25469d6d2c7b6b76bd70316
be2aa46348ea8eb574a41cb094305c11e1be6f865ef6bd01df07aad4bd9610b1
bf47c2b0df8af6ce9861a05807ed35fa6948f2e0c849c91cf05f7275c1fd915e
bf7301dbbfe3bde655298867a85e567635eca405fb7728f7668433e026c788b1
bf9bdce91631a7316f139083394cdf00eab956acb844cd593001e05fed86fcff
c00e4b444e4089660152f10bb0cf87d45be907756bf33150841afc2f8a69d791
c0b673dcbefd798e8211d0e84e4c9a5dd69f9b8344b1b1967f54d5aa27e19ded
c0d0c45aad6611f318a6184d40dd8766e79ef30b3ad719bf0c59f81741a1c8f3
c0e2de1910c51b9146fec0cc847f64b28a62b86f030e1ea05a7d8b05c130dc9f
c0fbe2fb9302f6a0e568b9aa5563ed8cdec6cafc822cb4c222ea8579b08e953c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c2c11fc3b53a5def31091b52939877d6051161be65f7c614d2a57b9c73355974
c3d84be67c0c5be9cfca5550b4bcc0947d40d62806652b81f7c296bfbc427357
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9b67e7b156abc521bc007dbe84dbf474e63aa630a157d150eb6c33806df3317
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc7b852c3cac86973829f19cb4623fd8a11e4e0125b91e03bbc39061ea828a34
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1477d2bfda88c678c2deaffb53f18784ca00294d7318a2521f4b95baa375e3c
d267a8d0d060e7cc876d9d70ae2d6246fdc8b69cfbd854f488a2a7c12fd5e821
d2be6ee52a644eebd1bd4ee232c40cd2b7afdabc045e3ec35aa64ab56588aad9
d389be35d900204b36fc6e6a7133faf723a23d22568be9af78f8a65996a26471
d60b33b136750bb14f1c1488c72ff50d02846e94d2aca327f5bba24509ca321e
d6a2745332948716c2d3849e9b1d02451515f96ec7ab4749855794dea0272857
d7139c86828ab90555f59fbccbf0209ed8da1f5498ba5d78f80c3b189f38e705
d7a72b814c5699dd7ce0131e32ab39f3bc8ddec3ef158f6070d9a424f6128c30
d817f36fcb5c986f68b3b8627108f8c564ce1e7f6e2b92c95722a59a4f7a34ed
d8f64ca73c0faaf5d9d1e56252a2d89a23262ea516e7d731adaf5f255d4081a3
d8fe36a17aa5e4cd1a197c81235633a1e44ca292162a06b9b7dc1dc37981a211
db428922c72c3ef3c821aea62551754070d6d0a282391b209d25574b01a8b059
dbb99fbd69185738e614fbbc92b5bace8ce70e1b000fc5930a84de1d79cbd188
dbe10f27507dbecd91351ff8eb8213dc13c2aab2eb10500e52fd42444558f42a
dbf17b9ee0457f6761fad5df3c49d061ed508a5b1b6980042a565c4c26bc7ad4
dcdd298c3cc61adb49700ead4da02f60b10cab0a1df4888019d121a02e3b275c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd6e00bfd40318e3b262b09fc0863969360267bf8399d23eceaf18510848c5a4
dec000872742c8a53d760926c796e0474d12cd175942beea77641bf27406091f
dff3ab12802f9486fdee669bc36c86962497106ecc8c9d0d399649efd0912a10
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1f9f8ae900970d349ac91231c90e101e4eae3136d8497a6b06a8c7b4ac06181
e2b29dda3ecc2c9ca63e22a28d2f16efac098f1a3199f7bd916a436d2467057f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c413d9ecb857ab839e9147e9a72b0967a80151bae1aec1b1771c623006f5bc
e3c479efa4ab1507f7909eacf9ef6ae4616b876f7ac1f968b9e0044cfcb92f88
e4400f21afb8b0d177c8cc1d042db58cd67ab5f03bb076cc84d9fc19523aebca
e46451a1600dbc128741a8b6549c727024b909f6c4e1ccf97c11498056223ccb
e4cf78cc4dd6c3fc5fd045c3e7faf3fb3a110febff48aca4e05dcaad2e8ccac0
e56c2e86ab686acb146a8627145eade1273b973f9a0c60300cfc55ef9b12d000
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9fbecfc8ff2be3cd7c5fd4c35f58d46058a37089813434d6c15efe06aa8da4a
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ed2d993c35cd51826ee304739d91e554bd9faa1b120602fc4b3baa15941a9e35
ee8163b46eb81bd00972b26b74fe22870d91d8911720757f0fb4983f11411cfb
ee841ee7fbf298d92da848c0f7dee9d128b36f609621b0118100938de9f9dcd3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef983d6dcfe16576a9be98a6fe4d2c99552c9e76fe46fefb29dc2ae2cc5082c3
f10e7c88a107c32c5a99a31b5f6df3c7d92742b0ef6438cba64f029394018e0a
f350da55ad21b0620e745dc85fbe2b1e73c5404bf4ecc1963f538d934039026a
f4876af3aa949da819a369a0a605abcc5a0921292b5d39955aa35dacd420ffbf
f8a1886ef6ca6ef33237a32dd6f34426d9ed8281da31cf5de1e75ae47e72becc
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
fa07a58956910a891d47f72975d81174117e7ac2305cd66ebee37dc846fe3f9b
fa2606fbe32c3bae99acb96df6f57f2357fd21efcd16e7a33f7d7d4536c349fa
fce94e8d493fb1b0c5264ad0ca94f542ca10c39b95eca426ecc0ffbb88e25077
feae28beedc8dc85ed19e5a32948e9f225a40246c25c108e811f540ea1fbd403
febc13d4fca620c0eda223b3febb844ecb01e4299569a936801b86ecc25609e8