newsus.app Open in urlscan Pro
2606:4700:3037::681b:812e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://newsus.app/
Effective URL:
https://newsus.app/
Submission: On June 22 via manual (June 22nd 2020, 7:52:20 pm UTC) from US

Summary HTTP 99 Redirects Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 41 domains to perform 99 HTTP transactions. The main IP is 2606:4700:3037::681b:812e, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsus.app.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 16th 2019. Valid for: a year.

This is the only time newsus.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700:303... 2606:4700:3037::681b:812e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
6	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
6	139.45.196.196 139.45.196.196	9002 (RETN-AS) (RETN-AS)
4	139.45.196.10 139.45.196.10	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:7400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	198.148.27.132 198.148.27.132	19189 (PULSEPOINT) (PULSEPOINT)
1 4	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
4	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:215... 2600:9000:215d:4400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:215d:e200:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.58.64.30 52.58.64.30	16509 (AMAZON-02) (AMAZON-02)
1	143.204.247.117 143.204.247.117	16509 (AMAZON-02) (AMAZON-02)
1	91.228.74.198 91.228.74.198	27281 (QUANTCAST) (QUANTCAST)
1	143.204.247.38 143.204.247.38	16509 (AMAZON-02) (AMAZON-02)
1	13.226.156.73 13.226.156.73	16509 (AMAZON-02) (AMAZON-02)
2	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
2	139.45.196.95 139.45.196.95	9002 (RETN-AS) (RETN-AS)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2600:9000:218... 2600:9000:2182:4000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e2:... 2606:4700:e2::ac40:8620	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	206.54.165.181 206.54.165.181	35415 (WEBZILLA) (WEBZILLA)
1	54.228.220.169 54.228.220.169	16509 (AMAZON-02) (AMAZON-02)
1	188.42.160.46 188.42.160.46	35415 (WEBZILLA) (WEBZILLA)
2	78.140.190.98 78.140.190.98	35415 (WEBZILLA) (WEBZILLA)
1	63.33.80.49 63.33.80.49	16509 (AMAZON-02) (AMAZON-02)
1 2	35.157.238.72 35.157.238.72	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	116.202.160.31 116.202.160.31	24940 (HETZNER-AS) (HETZNER-AS)
1 2	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	3.123.181.23 3.123.181.23	16509 (AMAZON-02) (AMAZON-02)
2	104.16.53.4 104.16.53.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.29.134.233 185.29.134.233	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	2606:4700::68... 2606:4700::6810:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1	92.123.228.239 92.123.228.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.203.80.189 23.203.80.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.199.220.85 23.199.220.85	16625 (AKAMAI-AS) (AKAMAI-AS)
99	46

20 2606:4700:3037::681b:812e (United States)

ASN13335 (CLOUDFLARENET, US)

newsus.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.196.196 (Ascension Island)

ASN9002 (RETN-AS, EU)

propu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.196.10 (Ascension Island)

ASN9002 (RETN-AS, EU)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:7400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.132 (New York, United States)

ASN19189 (PULSEPOINT, US)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.137.17 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ec-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.51 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (Germany)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:215d:4400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215d:e200:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.64.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-64-30.eu-central-1.compute.amazonaws.com

apis.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.247.117 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-247-117.cph50.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.198 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.247.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-247-38.cph50.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-73.dus51.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.225.98 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.95 (Ascension Island)

ASN9002 (RETN-AS, EU)

ofgogoatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:4000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8620 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.54.165.181 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

itpatratr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.220.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-220-169.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.160.46 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.140.190.98 (Netherlands)

ASN35415 (WEBZILLA, NL)

static.ptoahaistais.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.80.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.238.72 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.160.31 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.31.160.202.116.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.246 (Renswoude, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.181.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-181-23.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.53.4 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.228.239 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-228-239.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.91.199 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal900018.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.80.189 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-80-189.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.199.220.85 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-220-85.deploy.static.akamaitechnologies.com

www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	newsus.app newsus.app	640 KB
6	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org vendorlist.consensu.org apis.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	157 KB
6	propu.sh propu.sh	57 KB
6	themoneytizer.com ads.themoneytizer.com	152 KB
4	redintelligence.net 1 redirects hal9000.redintelligence.net hal900018.redintelligence.net	5 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	2 KB
4	yandex.ru 1 redirects mc.yandex.ru	94 KB
4	sascdn.com ced-ns.sascdn.com ec-ns.sascdn.com	21 KB
4	smartadserver.com 1 redirects ww1097.smartadserver.com	6 KB
4	inpagepush.com inpagepush.com	24 KB
3	gstatic.com fonts.gstatic.com	51 KB
2	glotgrx.com pre.glotgrx.com	559 B
2	yabidos.com pixel.yabidos.com	22 KB
2	e-planning.net 1 redirects ads.us.e-planning.net	2 KB
2	richaudience.com shb.richaudience.com	432 B
2	360yield.com 1 redirects ice.360yield.com	4 KB
2	ptoahaistais.com static.ptoahaistais.com	77 KB
2	4dex.io script.4dex.io	19 KB
2	ofgogoatan.com ofgogoatan.com	26 KB
2	onetag-sys.com onetag-sys.com	441 B
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
1	zenaps.com www.zenaps.com	705 B
1	awin1.com 1 redirects www.awin1.com	722 B
1	3lift.com tlx.3lift.com	472 B
1	adnxs.com ib.adnxs.com	1 KB
1	casalemedia.com as-sec.casalemedia.com	334 B
1	adsrvr.org match.adsrvr.org	539 B
1	rtmark.net my.rtmark.net	768 B
1	adleadevent.com adtrack.adleadevent.com	521 B
1	itpatratr.com itpatratr.com
1	quantcount.com rules.quantcount.com	968 B
1	indexww.com js-sec.indexww.com	12 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	cpx.to p.cpx.to	2 KB
1	quantserve.com secure.quantserve.com	8 KB
1	zeotap.com spl.zeotap.com
1	leadplace.fr tag.leadplace.fr	3 KB
1	criteo.com gum.criteo.com	329 B
1	contextweb.com tag.contextweb.com	11 KB
1	themoneytizer.net g.themoneytizer.net	200 B
0	tmyzer.com Failed c.tmyzer.com Failed
99	41

	Domain	Requested by
20	newsus.app	newsus.app
6	propu.sh	newsus.app propu.sh
6	ads.themoneytizer.com	newsus.app ads.themoneytizer.com
4	mc.yandex.ru	1 redirects newsus.app
4	ww1097.smartadserver.com	1 redirects ced-ns.sascdn.com
4	inpagepush.com	newsus.app inpagepush.com
3	hal900018.redintelligence.net	1 redirects newsus.app hal900018.redintelligence.net
3	tags.mathtag.com	ced-ns.sascdn.com tags.mathtag.com
3	ced-ns.sascdn.com	newsus.app ww1097.smartadserver.com
3	fonts.gstatic.com	newsus.app
2	pre.glotgrx.com
2	pixel.yabidos.com	ww1097.smartadserver.com pixel.yabidos.com
2	ads.us.e-planning.net	1 redirects
2	shb.richaudience.com	ads.themoneytizer.com
2	ice.360yield.com	1 redirects
2	static.ptoahaistais.com	newsus.app inpagepush.com
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	ofgogoatan.com	newsus.app
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	onetag-sys.com	ads.themoneytizer.com
1	www.zenaps.com	newsus.app
1	www.awin1.com	1 redirects
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	newsus.app
1	ec-ns.sascdn.com	ced-ns.sascdn.com
1	tlx.3lift.com	ads.themoneytizer.com
1	ib.adnxs.com	ads.themoneytizer.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	my.rtmark.net	inpagepush.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	itpatratr.com	ofgogoatan.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	apis.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	vendorlist.consensu.org	quantcast.mgr.consensu.org
1	spl.zeotap.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.themoneytizer.net	ads.themoneytizer.com
1	quantcast.mgr.consensu.org	newsus.app
1	fonts.googleapis.com	newsus.app
0	c.tmyzer.com Failed	ads.themoneytizer.com
99	49

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-16` - `2020-10-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
propu.sh Let's Encrypt Authority X3	`2020-04-27` - `2020-07-26`	3 months	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-05-20` - `2020-08-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2020-05-08` - `2022-05-25`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2018-09-06` - `2020-09-12`	2 years	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-05-23` - `2020-08-21`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
ofgogoatan.com Let's Encrypt Authority X3	`2020-06-12` - `2020-09-10`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
itpatratr.com Let's Encrypt Authority X3	`2020-04-28` - `2020-07-27`	3 months	crt.sh
adtrack.adleadevent.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-06-02` - `2020-08-31`	3 months	crt.sh
ptoahaistais.com Let's Encrypt Authority X3	`2020-06-07` - `2020-09-05`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh
ads.us.e-planning.net Let's Encrypt Authority X3	`2020-06-08` - `2020-09-06`	3 months	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.yabidos.com Go Daddy Secure Certificate Authority - G2	`2019-05-19` - `2020-07-18`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2019-11-13` - `2021-01-12`	a year	crt.sh
redintelligence.net Let's Encrypt Authority X3	`2020-06-22` - `2020-09-20`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://newsus.app/
Frame ID: E2A6B2C7F3E69B77C6EDF06C1B1D5B65
Requests: 85 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1592855514987
Frame ID: FC8AF4A45B650273523F1E659149AE4B
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: A4D4793AEC8EF4B6CBEA8802FD86705B
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v34/cmp-3pc-check.html
Frame ID: 2A0A343C68F3AA87573BDEA60E55C9A8
Requests: 1 HTTP requests in this frame

Frame: https://itpatratr.com/fac.php
Frame ID: 9CBE6BC740434A504796BB498C8524C7
Requests: 1 HTTP requests in this frame

Frame: https://static.ptoahaistais.com/contents/s/2c/8c/40/8c63c8c7eaf679414b65cbddb3/01493259554841.png
Frame ID: 652E8A27DE95D16B3E5FD8EBC3A14EA6
Requests: 1 HTTP requests in this frame

Frame: https://ec-ns.sascdn.com/diff/rtb/handler/st.min.html?%7b%22bid%22%3a%22237387794747422652%22%2c%22adomain%22%3a%22soberberlin.com%22%2c%22page%22%3a%221232602%22%2c%22format%22%3a%2226328%22%2c%22crid%22%3a%226816004%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2267013%22%2c%22cid%22%3a%22669970%22%2c%22adid%22%3a%226816004%22%2c%22hash%22%3a%22-3175290429695038343%22%7d
Frame ID: 83195D8A7DADC93A9C144DFA42002A82
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=sas&id=5aW95q2jLzIyLyAvWkdZd09HTXpaVGN0WldZMVlpMHdZell6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzU3MTQwOTExMDA1MDMwMDMzNzQvNjgxNjAwNC80NzM5NjE5LzM5L1dnZXR3U2o4STFzU2M3RnZseERyVUtIRExmZ3JYbFdaM2VhYWctLWlHTkkvMS8zOS8wLzAvOTk4MDg4LzMxMTgwNTAwNjAvMjE2NTM2LzY2OTk3MC8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzU3MTQwOTExMDA1MDMwMDMzNzQvenJoLzAvNTkzOS85MS85OTkvMC8xODUuMjE3LjE3MS4wLzAuMDAwLzE1OTI4NTU1MzQvMTU5Mjg2ODEzNC8zOS8/v7RntE6Wh3uUmQCRwxrQu3NSNFc&nodeid=1341&group=eu&auctionid=5714091100503003374&sid=4739619&cid=6816004&price=0.057730859&bp=a_ahcaab&nfy_act=LD5wfnw&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&bfip=185.29.132.131
Frame ID: 4CE4B84E7C7C3054704C44DC48E3B5EE
Requests: 8 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=90489300273697701041198011268018&a=5c93581a
Frame ID: 1024083B539ABA81B12A4176487079E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

99
Requests

99 %
HTTPS

28 %
IPv6

41
Domains

49
Subdomains

46
IPs

8
Countries

1456 kB
Transfer

3176 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 60

https://mc.yandex.ru/watch/55805035?wmode=7&page-url=https%3A%2F%2Fnewsus.app%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592855514476%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200622215204%3Aet%3A1592855524%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1297585882246%3Arqn%3A1%3Arn%3A911538985%3Ahid%3A316205738%3Ads%3A45%2C24%2C196%2C10%2C0%2C0%2C0%2C9213%2C34%2C%2C%2C%2C9482%3Afp%3A538%3Agdpr%3A14%3Av%3A1885%3Awv%3A2%3Arqnl%3A1%3Ast%3A1592855524%3Au%3A1592855524683841865%3At%3ABreaking%20U.S%20News HTTP 302
https://mc.yandex.ru/watch/55805035/1?wmode=7&page-url=https%3A%2F%2Fnewsus.app%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592855514476%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200622215204%3Aet%3A1592855524%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1297585882246%3Arqn%3A1%3Arn%3A911538985%3Ahid%3A316205738%3Ads%3A45%2C24%2C196%2C10%2C0%2C0%2C0%2C9213%2C34%2C%2C%2C%2C9482%3Afp%3A538%3Agdpr%3A14%3Av%3A1885%3Awv%3A2%3Arqnl%3A1%3Ast%3A1592855524%3Au%3A1592855524683841865%3At%3ABreaking%20U.S%20News

Request Chain 71

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2221ed997ef8f49ef%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewsus.app%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2262146%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221bec71fbd6d9f%22%2C%22pid%22%3A%2222279658%22%2C%22tid%22%3A%22f56a76a9-9736-4016-956e-a0c143f9c5e0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%223f3e8f378012c6%22%2C%22pid%22%3A%2222279666%22%2C%22tid%22%3A%2264114b66-1636-4f33-bff8-d4b3587b437c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2221ed997ef8f49ef%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewsus.app%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2262146%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221bec71fbd6d9f%22%2C%22pid%22%3A%2222279658%22%2C%22tid%22%3A%22f56a76a9-9736-4016-956e-a0c143f9c5e0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%223f3e8f378012c6%22%2C%22pid%22%3A%2222279666%22%2C%22tid%22%3A%2264114b66-1636-4f33-bff8-d4b3587b437c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D

Request Chain 77

https://ads.us.e-planning.net/hb/1/2a156/1/newsus.app/ROS?rnd=0.7871203082393969&e=26328%3A1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250%2B26300%3A300x250&ur=https%253A%252F%252Fnewsus.app%252F&r=pbjs&pbv=3.20.0&ncb=1&vs=FF&crs=UTF-8&fr=https%253A%252F%252Fnewsus.app%252F&gdpr=0 HTTP 302
https://ads.us.e-planning.net/hb/1/2a156/1/newsus.app/ROS?ct=1&rnd=0.7871203082393969&e=26328%3A1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250%2B26300%3A300x250&ur=https%253A%252F%252Fnewsus.app%252F&r=pbjs&pbv=3.20.0&ncb=1&vs=FF&crs=UTF-8&fr=https%253A%252F%252Fnewsus.app%252F&gdpr=0

Request Chain 96

https://hal900018.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=5431832896&subid=&uid=2e2a6b6e170f2ada&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5714091100503003374%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3Dd4385ef1-0bee-4001-bef8-e2c2f6a3641f%26redirect%3D&documentReferer=https%3A%2F%2Fnewsus.app%2F&ancestorOrigins=https%3A%2F%2Fnewsus.app&random=4415881638942&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900018.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=5431832896&subid=&uid=2e2a6b6e170f2ada&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5714091100503003374%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3Dd4385ef1-0bee-4001-bef8-e2c2f6a3641f%26redirect%3D&documentReferer=https%3A%2F%2Fnewsus.app%2F&ancestorOrigins=https%3A%2F%2Fnewsus.app&random=4415881638942&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 98

https://www.awin1.com/cshow.php?s=2664739&v=8488&q=391888&r=235229&pref1=90489300273697701041198011268018&pv=1 HTTP 302
https://www.zenaps.com/cshow.php?pvr=df317671-b4c1-11ea-a4a2-692d04ea0f64&v=8488&r=235229&q=391888&s=2664739&viewref=90489300273697701041198011268018&pv=1

99 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
newsus.app/ 101 KB
26 KB 265ms
196ms Document
text/html 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75640482af4dae0d5eb717cef6e463f76e861d1fd63d45d856bfa70d3655d6d1

Request headers

:method: GET
:authority: newsus.app
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 22 Jun 2020 19:51:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2d3ac6c2c64fcc40ce2ef19586fa6ec71592855514; expires=Wed, 22-Jul-20 19:51:54 GMT; path=/; domain=.newsus.app; HttpOnly; SameSite=Lax
x-hyper-cache: stop - no cache header
link: <https://newsus.app/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
cf-request-id: 037f2f65b60000177e939b2200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a7881b5f857177e-FRA
content-encoding: br

GET
H2 200 style.min.css
newsus.app/wp-includes/css/dist/block-library/ 52 KB
7 KB 93ms
91ms Stylesheet
text/css 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsus.app/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 08 May 2020 03:00:56 GMT
server: cloudflare
etag: W/"5eb4cb68-d159"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5a7881b73b4b177e-FRA
cf-request-id: 037f2f66800000177e939c7200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
969 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,700,300|PT+Serif:400,400italic,700,700italic

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a61b76500f92d212da51805bf1d1a36443ff39c405b57d86f7729be7cb35ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Jun 2020 19:51:54 GMT
server: ESF
date: Mon, 22 Jun 2020 19:51:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jun 2020 19:51:54 GMT

GET
H2 200 font-awesome.min.css
newsus.app/wp-content/themes/newsus/includes/ 30 KB
7 KB 77ms
76ms Stylesheet
text/css 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsus.app/wp-content/themes/newsus/includes/font-awesome.min.css
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Oct 2019 00:28:54 GMT
server: cloudflare
etag: W/"5da7b5c6-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5a7881b73b4c177e-FRA
cf-request-id: 037f2f66800000177e939c8200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
newsus.app/wp-content/themes/newsus/ 28 KB
6 KB 76ms
75ms Stylesheet
text/css 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsus.app/wp-content/themes/newsus/style.css?ver=5.4.2
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a986c42fe27cda020dbd47d625f597832077fe9a8354ef9bdc264914cb57f0

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Oct 2019 00:28:52 GMT
server: cloudflare
etag: W/"5da7b5c4-6f13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5a7881b73b4d177e-FRA
cf-request-id: 037f2f66800000177e939c9200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
newsus.app/wp-includes/js/jquery/ 95 KB
32 KB 95ms
93ms Script
application/javascript 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsus.app/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 16 Oct 2019 17:04:12 GMT
server: cloudflare
etag: W/"5da74d8c-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5a7881b73b4f177e-FRA
cf-request-id: 037f2f66800000177e939ca200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
newsus.app/wp-includes/js/jquery/ 10 KB
4 KB 14ms
13ms Script
application/javascript 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsus.app/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 193787
status: 200
cf-request-id: 037f2f66800000177e939cb200000001
pragma: public
last-modified: Wed, 16 Oct 2019 17:04:11 GMT
server: cloudflare
etag: W/"5da74d8b-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5a7881b73b51177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.js Show response
newsus.app/wp-content/themes/newsus/js/ 13 KB
5 KB 62ms
61ms Script
application/javascript 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsus.app/wp-content/themes/newsus/js/scripts.js?ver=5.4.2
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50d22562075c75280f7ae096c504a62df766e9c664228cbe4eb8c67dc81915fc

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Oct 2019 00:28:55 GMT
server: cloudflare
etag: W/"5da7b5c7-33d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5a7881b73b54177e-FRA
cf-request-id: 037f2f66800000177e939cc200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bb3be11b8f372fe24d95b7bc1c9fa9d3.png
newsus.app/wp-content/uploads/2020/06/ 44 KB
44 KB 91ms
87ms Image
image/png 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsus.app/wp-content/uploads/2020/06/bb3be11b8f372fe24d95b7bc1c9fa9d3.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97b0fb088692ffa1f3b0002992056bad40eb44b63bfdb8902a1be38f5f78845

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
cf-cache-status: MISS
status: 200
content-length: 44665
cf-request-id: 037f2f66f60000177e939db200000001
pragma: public
last-modified: Mon, 22 Jun 2020 19:46:17 GMT
server: cloudflare
etag: "5ef10a89-ae79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5a7881b7fcfe177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c8b50d7af1666c65f8644c219408d367-260x146.png
newsus.app/wp-content/uploads/2020/06/ 46 KB
46 KB 83ms
79ms Image
image/png 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsus.app/wp-content/uploads/2020/06/c8b50d7af1666c65f8644c219408d367-260x146.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d27d5211e33c6a577d22f8b8d80fc65b4547573d12a9c32f4fc651641bd0956

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
cf-cache-status: MISS
status: 200
content-length: 46990
cf-request-id: 037f2f66f70000177e939dc200000001
pragma: public
last-modified: Mon, 22 Jun 2020 19:45:55 GMT
server: cloudflare
etag: "5ef10a73-b78e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5a7881b7fd00177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f5d614c48d714fb3bb62423e2890939c-260x146.png
newsus.app/wp-content/uploads/2020/06/ 86 KB
86 KB 92ms
88ms Image
image/png 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsus.app/wp-content/uploads/2020/06/f5d614c48d714fb3bb62423e2890939c-260x146.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 401a6999717effb54afb71c8b55282babef2ec1f19685525da52c854239457ef

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
cf-cache-status: MISS
status: 200
content-length: 88254
cf-request-id: 037f2f66f70000177e939dd200000001
pragma: public
last-modified: Mon, 22 Jun 2020 19:45:44 GMT
server: cloudflare
etag: "5ef10a68-158be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5a7881b7fd02177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 041fd942776b1c8f346f09eef19788e1-260x146.png
newsus.app/wp-content/uploads/2020/06/ 66 KB
66 KB 91ms
88ms Image
image/png 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsus.app/wp-content/uploads/2020/06/041fd942776b1c8f346f09eef19788e1-260x146.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a598a7dda70f0d08bdc5d3f5e112b69c7ba8544cf9b33ab4eb778a91993e7eee

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
cf-cache-status: MISS
status: 200
content-length: 67784
cf-request-id: 037f2f66f70000177e939de200000001
pragma: public
last-modified: Mon, 22 Jun 2020 19:45:21 GMT
server: cloudflare
etag: "5ef10a51-108c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5a7881b7fd04177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 104f602b9b9b92ea0b89309538542600-260x146.png
newsus.app/wp-content/uploads/2020/06/ 59 KB
59 KB 91ms
88ms Image
image/png 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsus.app/wp-content/uploads/2020/06/104f602b9b9b92ea0b89309538542600-260x146.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86035b8fe52cc2791c8e194d863bb7b5d720fcc69c14e071ca65b6e90c200885

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
cf-cache-status: MISS
status: 200
content-length: 60018
cf-request-id: 037f2f66f70000177e939df200000001
pragma: public
last-modified: Mon, 22 Jun 2020 19:45:10 GMT
server: cloudflare
etag: "5ef10a46-ea72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5a7881b7fd05177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b3ccfe35faf2b2cc60b5ce0af6546d62-260x146.png
newsus.app/wp-content/uploads/2020/06/ 46 KB
46 KB 84ms
81ms Image
image/png 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsus.app/wp-content/uploads/2020/06/b3ccfe35faf2b2cc60b5ce0af6546d62-260x146.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af54c66fca6a74907e6033747a9ad304a3079cc1e85166db9f3e984d6c7cf9f

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
cf-cache-status: MISS
status: 200
content-length: 46902
cf-request-id: 037f2f66f70000177e939e0200000001
pragma: public
last-modified: Mon, 22 Jun 2020 19:22:45 GMT
server: cloudflare
etag: "5ef10505-b736"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5a7881b7fd06177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d8eddf25ee5827ad9087137544b7f99d-260x146.png
newsus.app/wp-content/uploads/2020/06/ 13 KB
13 KB 60ms
58ms Image
image/png 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsus.app/wp-content/uploads/2020/06/d8eddf25ee5827ad9087137544b7f99d-260x146.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 563e10d9c4457036087d97d9bbb2b6665b04eb5b4f747e643d1cbb24dd00ef09

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
cf-cache-status: MISS
status: 200
content-length: 12813
cf-request-id: 037f2f66f70000177e939e1200000001
pragma: public
last-modified: Mon, 22 Jun 2020 18:46:18 GMT
server: cloudflare
etag: "5ef0fc7a-320d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5a7881b7fd07177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0bc4d926fccbbad485ef86f6d2eb2033-260x146.png
newsus.app/wp-content/uploads/2020/06/ 53 KB
53 KB 91ms
89ms Image
image/png 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsus.app/wp-content/uploads/2020/06/0bc4d926fccbbad485ef86f6d2eb2033-260x146.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a52c3b1ca6a9802f90bab0809d0bec59a186b8415f6da63f377665b1f9be66

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
cf-cache-status: MISS
status: 200
content-length: 53843
cf-request-id: 037f2f66f80000177e939e2200000001
pragma: public
last-modified: Mon, 22 Jun 2020 18:46:00 GMT
server: cloudflare
etag: "5ef0fc68-d253"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5a7881b7fd08177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 73ca92e87e1a8ab0fe26c5fa5bdfdf5e-260x146.png
newsus.app/wp-content/uploads/2020/06/ 64 KB
64 KB 94ms
91ms Image
image/png 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsus.app/wp-content/uploads/2020/06/73ca92e87e1a8ab0fe26c5fa5bdfdf5e-260x146.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec418f6f4070ef17c8fe9d395d260ab8449e3a2af8e792e0fcb4643a31e5ef78

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
cf-cache-status: MISS
status: 200
content-length: 65451
cf-request-id: 037f2f66f80000177e939e3200000001
pragma: public
last-modified: Mon, 22 Jun 2020 18:45:48 GMT
server: cloudflare
etag: "5ef0fc5c-ffab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5a7881b7fd09177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c8e10a8ba7d953ce493cc62163df1b93-260x146.png
newsus.app/wp-content/uploads/2020/06/ 69 KB
69 KB 86ms
84ms Image
image/png 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsus.app/wp-content/uploads/2020/06/c8e10a8ba7d953ce493cc62163df1b93-260x146.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aacfea8f5aeaf77f83c91342681081a83c71af26e6e7e0744d550aad77cca3ed

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
cf-cache-status: MISS
status: 200
content-length: 70859
cf-request-id: 037f2f66f80000177e939e4200000001
pragma: public
last-modified: Mon, 22 Jun 2020 18:45:35 GMT
server: cloudflare
etag: "5ef0fc4f-114cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5a7881b7fd0a177e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 9 KB
4 KB 45ms
14ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 380333b0b75ec9ad51d95668ab00662d4c63a0913ec1c10304c6f312e1ee2c8e

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3371
expires: Tue, 23 Jun 2020 19:51:47 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 44 KB
9 KB 9057ms
9034ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=62146&formatId=6
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 00aacaebd7cde9799722dfabc10c9ec1d6df81e9b1c540fbc832ba3cda8f8166

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:03 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 23 Jun 2020 19:52:03 GMT

GET
H/1.1 200
OK tag.min.js Show response
propu.sh/pfe/current/ 39 KB
12 KB 46ms
15ms Script
application/javascript 139.45.196.196
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/pfe/current/tag.min.js?z=3156533
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.196 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: dc810823a23679d0e104b8dd8fe274ac686ae193c1d888ecfda089d8eca415b8

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jun 2020 19:51:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 07:47:24 GMT
Server: nginx
ETag: W/"5eec6d8c-9ce3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 3156537 Show response
inpagepush.com/400/ 59 KB
22 KB 64ms
20ms Script
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3156537

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

6dd9e40b5de991edb0612cce69020546b07e57ac907489f3024b5a4ccf681d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: d621d968173737da4f7d86540cb136a3
Pragma: no-cache
Date: Mon, 22 Jun 2020 19:51:54 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 wp-emoji-release.min.js Show response
newsus.app/wp-includes/js/ 14 KB
4 KB 71ms
69ms Script
application/javascript 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsus.app/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 08 May 2020 03:00:56 GMT
server: cloudflare
etag: W/"5eb4cb68-364d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5a7881b7fd0c177e-FRA
cf-request-id: 037f2f66f80000177e939e5200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
newsus.app/wp-includes/js/ 1 KB
766 B 66ms
62ms Script
application/javascript 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsus.app/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 08 May 2020 03:00:56 GMT
server: cloudflare
etag: W/"5eb4cb68-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5a7881b7fcfd177e-FRA
cf-request-id: 037f2f66f60000177e939da200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v31/ 25 KB
25 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v31/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald:400,700,300|PT+Serif:400,400italic,700,700italic
Origin: https://newsus.app

Response headers

date: Thu, 11 Jun 2020 16:30:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 00:19:42 GMT
server: sffe
age: 962478
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25376
x-xss-protection: 0
expires: Fri, 11 Jun 2021 16:30:36 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v11/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v11/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald:400,700,300|PT+Serif:400,400italic,700,700italic
Origin: https://newsus.app

Response headers

date: Thu, 11 Jun 2020 13:11:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:23:27 GMT
server: sffe
age: 974404
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13280
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:11:50 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
fonts.gstatic.com/s/ptserif/v11/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v11/EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Oswald:400,700,300|PT+Serif:400,400italic,700,700italic
Origin: https://newsus.app

Response headers

date: Thu, 11 Jun 2020 20:53:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:24:48 GMT
server: sffe
age: 946723
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13372
x-xss-protection: 0
expires: Fri, 11 Jun 2021 20:53:11 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 255 KB
70 KB 33ms
11ms Script
text/javascript 2600:9000:2182:7400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:7400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae9a4cb28029fecf8f9a50d23d19dc51186f14880768528c8541807615d34327

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:38:04 GMT
content-encoding: gzip
last-modified: Thu, 28 May 2020 22:22:19 GMT
server: AmazonS3
age: 1051
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: nhTw1iS3LbsUNByyZ9nxjRDfPKAZ2c7FzJCUkYiYmdPGK0b0BWqZlg==
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
200 B 123ms
31ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:51:55 GMT
Server: nginx
X-IPLB-Instance: 29821
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 16ms
14ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 19:01:35 GMT
server: nginx
etag: "779a-30ad-59ba5857e2265"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3955
expires: Tue, 23 Jun 2020 19:51:19 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 21ms
19ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Tue, 23 Jun 2020 19:51:19 GMT

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 282ms
95ms Script
application/x-javascript 198.148.27.132
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.148.27.132 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:55 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 4
content-type: application/x-javascript
content-length: 11296

GET
H2

200

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

28 KB
9 KB

60ms
14ms

Script
application/x-javascript

68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC2) /
Resource Hash: 3f6464f9ad74909c3fdc357f6062e3e90f71c994a19154e7b27a148185848b9a

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:55 GMT
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 08:09:39 GMT
server: ECS (amb/6BC2)
age: 39659
etag: "5f7fddb9b97f8eb48a8bdb4b04e2554a:1591258182.317141"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9186

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Mon, 22 Jun 2020 19:51:54 GMT
content-length: 0

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
329 B 45ms
13ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:54 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 83ms
20ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:51:55 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 29922
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H2 200 /
onetag-sys.com/usync/ Frame FC8A 0
0 71ms
23ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1592855514987

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1592855514987
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsus.app/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://newsus.app/

Response headers

status: 200
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H2 200 /
spl.zeotap.com/ Frame A4D4 0
0 44ms
25ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsus.app/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://newsus.app/

Response headers

status: 200
date: Mon, 22 Jun 2020 19:51:55 GMT
content-type: text/html
set-cookie: __cfduid=db8c1b58847c099c39a829a0a2cc4a0ca1592855515; expires=Wed, 22-Jul-20 19:51:55 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=5a82ed72-8fba-4ee6-4949-f91044d579db; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zsc=%5B%1B%A0t%3A%C1%E4P%E4%3El%40%D9%7D%D3%B6%F00%B2%17%DA%DBb%C8%E6%115%23z%03%B9%1D%E9%9A%D8%EFE%29%95%E1%D3%F9n0p9%F9N%24%FE%2Fz%A3%16%1Dg%00%A34%8F%C7%84%E8%A5uG%96cT%829%98%17%0D%B4G%FDL%E2%FF%2F%86XA%84%7C.%0E%BE%B1%B2l%1EK%15%BC%2B; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://newsus.app
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 037f2f678500001f19ef287200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a7881b8d8491f19-FRA
content-encoding: br

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v34/ Frame 2A0A 0
0 97ms
31ms Document
text/html 2600:9000:215d:4400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v34/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:4400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v34/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsus.app/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://newsus.app/

Response headers

status: 200
content-type: text/html
content-length: 645
last-modified: Thu, 28 May 2020 22:22:14 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 22 Jun 2020 19:39:31 GMT
etag: "55b98270d639ef0c34781d9f03cce91f"
x-cache: Hit from cloudfront
via: 1.1 6ca0922c4cb330aecc1b691bf382d465.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: _RVAKtenQIo4EmufiXmwwX6mOkq2SdJNexYRyh4HaSggppTDn6Z_fA==
age: 744

GET
H2 200 cmpui-banner.js Show response
static.quantcast.mgr.consensu.org/v34/ 249 KB
68 KB 38ms
37ms Script
text/javascript 2600:9000:215d:4400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v34/cmpui-banner.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:4400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4d5d27cf99c2da1dc40c4bcefa51877e1458d9656c0feea7c2d3c941f6feb99

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:43:52 GMT
content-encoding: gzip
last-modified: Thu, 28 May 2020 22:22:13 GMT
server: AmazonS3
age: 595
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: zLpa1L52C7FWkBThnCiR-XrvLvZBhybaP__B1hMeR3eMgX9O08A4CA==
via: 1.1 6ca0922c4cb330aecc1b691bf382d465.cloudfront.net (CloudFront)

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 98 KB
18 KB 113ms
57ms XHR
application/json 2600:9000:215d:e200:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:215d:e200:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4e4a93e4a9fb48a74c82bcafe12ba946e478ac750ca0219b13f3a0f66fa2035

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:56 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: CPH50-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 18 Jun 2020 16:00:56 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: WYeWORlayIJY8L9g1qQOV59LfXCJ9avc
via: 1.1 6cbce7f027770aab1fdecc1818c43a0b.cloudfront.net (CloudFront)
cache-control: max-age=604800
content-type: application/json; charset=utf-8
x-amz-cf-id: 1eoBeooecRW2lUh7OM-FdXv_NVd7TtH7VThjUsNf9KAPVZoOoc7iVQ==

GET
H2 200 CookieAccess Show response
apis.quantcast.mgr.consensu.org/ 18 B
262 B 110ms
45ms XHR
application/json 52.58.64.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.64.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-64-30.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:55 GMT
server: awselb/2.0
status: 200
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://newsus.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
480 B 854ms
762ms XHR
text/html 143.204.247.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1592855515833;Moneytizer;https%3A%2F%2Fnewsus.app%2F;;;;;b,off,false,,1,en,34,207,true,false,false;displayConsentUi:mandatory,;GDPR-y5e0pcst1ks1p4d6f48k
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v34/cmpui-banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.247.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-117.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:51:57 GMT
via: 1.1 36977a8510529cb59322504bc8295469.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: CPH50-C1
x-cache: Miss from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: sikD8N-7FAKyEs4IhzKGQcXxPjHcv8JROBzbG8CBaGT6Ja2RWVEl8A==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 70ms
25ms Script
application/x-javascript 91.228.74.198
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=62146&formatId=6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.198 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:03 GMT
content-encoding: gzip
last-modified: Mon, 22-Jun-2020 19:52:03 GMT
etag: M0-4cca824e
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8082
expires: Mon, 29 Jun 2020 19:52:03 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12761/ 1 KB
2 KB 183ms
45ms Script
application/javascript 143.204.247.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12761/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=62146&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.247.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-38.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be27164578693a56994c1415e7b09992723585283a123ca62dc540a9597737bc

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 17:28:25 GMT
Content-Encoding: UTF-8
Connection: keep-alive
Last-Modified: Thu, 04 Jun 2020 12:37:59 GMT
Server: AmazonS3
Age: 1563819
ETag: "9bb5f4833e32ef86f1a606bf453610c0"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c4cfd693df2d3c329a667c606d9185f1.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: CPH50-C1
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: ykx_pXb6yJwPzbPbM6sxvc-AwWA3QottQLgcJ88IdVwzsEOmAs2R6A==

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 100ms
26ms Script
text/javascript 13.226.156.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=62146&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-73.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Jun 2020 21:37:37 GMT
Via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 80067
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: n5sIyH9LInnAJYUbd2bqLJp8_09Fqq65w7kWq7WzsIhr4gb22Ow9PQ==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 35 KB
12 KB 868ms
815ms Script
text/javascript 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=62146&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f869c2dff8faee0c62fe6b9eb479f2b326557fadefd778d35dabb9d7cd18a958

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jun 2020 19:51:03 GMT
Server: Apache
ETag: "764b5c-8bdb-5a8b19013a5ab"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12319
Expires: Mon, 22 Jun 2020 20:52:04 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid3_20/build/dist/ 372 KB
119 KB 18ms
17ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=62146&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 9927bfa69df2f37ab9bf7766fc14a8bbfa91940a9ddcd30132d90e8b6352330a

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:03 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 21:49:08 GMT
server: nginx
etag: "4d6d3-5d128-5a7c1d04797f1"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 121273
expires: Tue, 23 Jun 2020 19:51:11 GMT

GET
H/1.1 200
OK apu.php Show response
ofgogoatan.com/ 2 KB
2 KB 96ms
33ms XHR
application/json 139.45.196.95
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ofgogoatan.com/apu.php?zoneid=3156542&oo=1

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.95 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

d22cb42b4f65e1e7bd2bea8dd4f474e2ba3dc0097e5c093d4f6e1b25fb876a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 51c51b5220bbb2edccd123ad5d480846
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://newsus.app
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
ofgogoatan.com/ 75 KB
24 KB 76ms
17ms Script
application/javascript 139.45.196.95
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ofgogoatan.com/tag.min.js

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.95 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

922014228b35f797405be950c40370b64e8c71b7dce9c69b38b8fbe0c5a0f4dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 23701
X-Trace-Id: 9e7673f6a28e5ef1771681cdeec0c1e7
Pragma: no-cache
Last-Modified: Thu, 18 Jun 2020 11:09:18 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 359 KB
91 KB 136ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

30621ef00f58adf18b716634957984c221af0634eddad78b7143da2551ad9ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:04 GMT
Content-Encoding: br
Last-Modified: Tue, 16 Jun 2020 08:26:08 GMT
Server: nginx/1.14.2
ETag: "5ee88220-16bfc"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 93180
Expires: Mon, 22 Jun 2020 20:52:04 GMT

GET
H/1.1 200
OK zone Show response
propu.sh/ 634 B
1 KB 87ms
60ms Fetch
application/json 139.45.196.196
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/zone?pub=0&zone_id=3156533&is_mobile=false&domain=newsus.app&var=&ymid=&var_3=

Requested by

Host: propu.sh
URL: https://propu.sh/pfe/current/tag.min.js?z=3156533

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.196 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

b136f1ce96ba09ca19cbccce85817458357591e42e3fb48199ebe6c308524380

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 4e353b19cd86137e6c1751ba9c7ed531
Date: Mon, 22 Jun 2020 19:52:04 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://newsus.app
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 634

GET
H/1.1 200
OK universal.min.js Show response
propu.sh/pfe/current/ 140 KB
42 KB 56ms
28ms Fetch
application/javascript 139.45.196.196
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/pfe/current/universal.min.js?v=3.1.224
Requested by: Host: propu.sh
URL: https://propu.sh/pfe/current/tag.min.js?z=3156533
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.196 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 8ccf4d144b169c2ce86fde8a159dcd4658730429abce2755cbb880215869b787

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jun 2020 19:52:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jun 2020 07:47:24 GMT
Server: nginx
ETag: W/"5eec6d8c-2307f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://newsus.app
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
968 B 34ms
9ms Script
application/x-javascript 2600:9000:2182:4000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:4000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:37:42 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 863
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: UMuULXnG69ybOeO4DsnZDE0xIS9u6-SDmCzuZ5vIZmq4eRjT5QrKFw==
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 06:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 912632
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 06:21:32 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 450 B
748 B 35ms
16ms Script
application/javascript 2606:4700:e2::ac40:8620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 555
status: 200
x-amz-request-id: DBFC3C55F40C443C
x-amz-id-2: mwDJsm80Bqk6xZLy1w7QYThSQNNegPLQLlW2W7KVSRTDiQiEyGrGBezw1bMurbaDGE0rsPZVOYI=
last-modified: Mon, 06 Apr 2020 11:18:51 GMT
server: cloudflare
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-request-id: 037f2f8af4000096bcbb9d5200000001
cf-ray: 5a7881f18e4d96bc-FRA

GET
H/1.1 204
No Content fac.php
itpatratr.com/ Frame 9CBE 0
0 59ms
15ms Document
text/html 206.54.165.181
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://itpatratr.com/fac.php

Requested by

Host: ofgogoatan.com
URL: https://ofgogoatan.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

206.54.165.181 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: itpatratr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newsus.app/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://newsus.app/

Response headers

Server: nginx
Date: Mon, 22 Jun 2020 19:52:04 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 30a5062f5740acbc1bcc09e4180bdea8
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 200 adagio.js Show response
script.4dex.io/ 62 KB
18 KB 76ms
58ms Fetch
application/javascript 2606:4700:e2::ac40:8620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:04 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: 6788C62D0570A00E
status: 200
x-amz-id-2: u5X7xERhtln9HrzZwn9s3lVhZleVqy34Zw5J5QcYcZbvtDT/68blWQb70YYxPgwbMlt5eDzugdE=
last-modified: Mon, 06 Apr 2020 11:18:49 GMT
server: cloudflare
etag: W/"69fac1b60dfd5d00b8ff023e19aca7e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 037f2f8b40000005b785216200000001
cf-ray: 5a7881f20fb605b7-FRA

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
521 B 160ms
41ms XHR
application/x-javascript 54.228.220.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.220.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-220-169.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jun 2020 19:52:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jun 2020 19:52:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://newsus.app
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK custom Show response
propu.sh/ 39 B
485 B 17ms
16ms Fetch
application/json 139.45.196.196
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.196 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c6e1aef5d25137088c581cd7774d9030
Date: Mon, 22 Jun 2020 19:52:04 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://newsus.app
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 sw.js Show response
newsus.app/ 3 KB
1 KB 64ms
63ms Fetch
application/javascript 2606:4700:3037::681b:812e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsus.app/sw.js
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:812e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd4ea9fe87a1815ec6bfb3c0c4c20a55c5d26612ab85f08b20f6ffd3a84aa493

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 22 Jun 2020 19:52:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Mar 2020 15:18:02 GMT
server: cloudflare
etag: W/"5e7b762a-aa7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-ray: 5a7881f1fbfb177e-FRA
cf-request-id: 037f2f8b380000177e938db200000001
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/55805035/
Redirect Chain

https://mc.yandex.ru/watch/55805035?wmode=7&page-url=https%3A%2F%2Fnewsus.app%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592855514476%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3...
https://mc.yandex.ru/watch/55805035/1?wmode=7&page-url=https%3A%2F%2Fnewsus.app%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592855514476%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101...

171 B
717 B

90ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/55805035/1?wmode=7&page-url=https%3A%2F%2Fnewsus.app%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592855514476%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200622215204%3Aet%3A1592855524%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1297585882246%3Arqn%3A1%3Arn%3A911538985%3Ahid%3A316205738%3Ads%3A45%2C24%2C196%2C10%2C0%2C0%2C0%2C9213%2C34%2C%2C%2C%2C9482%3Afp%3A538%3Agdpr%3A14%3Av%3A1885%3Awv%3A2%3Arqnl%3A1%3Ast%3A1592855524%3Au%3A1592855524683841865%3At%3ABreaking%20U.S%20News

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

97a5f702c435584479c47011fc3e4e83b5af1f0c177f0eb810db21e42fd2b446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jun 2020 19:52:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22-Jun-2020 19:52:04 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://newsus.app
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 171
X-XSS-Protection: 1; mode=block
Expires: Mon, 22-Jun-2020 19:52:04 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Jun 2020 19:52:04 GMT
Last-Modified: Mon, 22-Jun-2020 19:52:04 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://newsus.app
Strict-Transport-Security: max-age=31536000
Location: /watch/55805035/1?wmode=7&page-url=https%3A%2F%2Fnewsus.app%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1592855514476%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200622215204%3Aet%3A1592855524%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1297585882246%3Arqn%3A1%3Arn%3A911538985%3Ahid%3A316205738%3Ads%3A45%2C24%2C196%2C10%2C0%2C0%2C0%2C9213%2C34%2C%2C%2C%2C9482%3Afp%3A538%3Agdpr%3A14%3Av%3A1885%3Awv%3A2%3Arqnl%3A1%3Ast%3A1592855524%3Au%3A1592855524683841865%3At%3ABreaking%20U.S%20News
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 22-Jun-2020 19:52:04 GMT

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
768 B 61ms
16ms XHR
application/json 188.42.160.46
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3156537

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.46 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

01a97e4a78eae544d967053bfcc6e740b2eaf50cf1b4399d96a56cc06f2bc720

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:04 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://newsus.app
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 77ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:04 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 22 Jun 2020 20:52:04 GMT

POST
H/1.1 200
OK custom Show response
propu.sh/ 39 B
485 B 14ms
14ms Fetch
application/json 139.45.196.196
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.196 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 838e290875a48f96d5f53d69ff087777
Date: Mon, 22 Jun 2020 19:52:04 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://newsus.app
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK 3156537 Show response
inpagepush.com/500/ 974 B
2 KB 139ms
112ms XHR
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3156537?excludes=&oaid=30b42c76314a4fd1b36d076e8790c112&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fnewsus.app%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3156537

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

cc090762aca3b007fdfd68db1c377a93233dc8ec6efb305aeea7e99f992b8a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 22 Jun 2020 19:52:04 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 974
X-Trace-Id: 2da78e21bb38ca0a4240a9146ecdf452
Pragma: no-cache
Server: nginx
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: https://newsus.app
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 01493259554841.png
static.ptoahaistais.com/contents/s/2c/8c/40/8c63c8c7eaf679414b65cbddb3/ 38 KB
39 KB 60ms
16ms Image
image/png 78.140.190.98
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/2c/8c/40/8c63c8c7eaf679414b65cbddb3/01493259554841.png
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.190.98 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: d5d82acc41fadbf8ca744c4943c0768cb77029634fa36907b54e0cce89468e0b

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:04 GMT
Last-Modified: Wed, 26 Jun 2019 16:05:24 GMT
Server: nginx
ETag: "5d1397c4-97f9"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 38905

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
539 B 134ms
134ms XHR
application/json 63.33.80.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.80.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bba1c5a6e9e1dfefaff064abb4afb4276f3c2249eadf6960be3da59474e53744

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 22 Jun 2020 19:52:04 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://newsus.app
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 22 Jul 2020 19:52:04 GMT

POST
H/1.1 200
OK custom Show response
propu.sh/ 39 B
485 B 17ms
17ms Fetch
application/json 139.45.196.196
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.196 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 45415d77807af08a7bb238121252cffa
Date: Mon, 22 Jun 2020 19:52:04 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://newsus.app
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
334 B 3094ms
3042ms XHR
text/plain 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fnewsus.app%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 22 Jun 2020 19:52:08 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://newsus.app
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Mon, 22 Jun 2020 19:52:08 GMT

GET
H/1.1 200
OK C4LX3eFayrD52Sps_Dvg0fXbW1sNDK8D1t81vorkaiSWwrP460-gGmjVS9GhVd0yrDR4it21oWHyLvxbldOwx1hvZ0cwE0wMXHySN8VuFFqbOHcQ51_wQ1Ek6SH8CntwY7b-KkTNT3YLWhSQ0SsD7xQywMlk-9rSnymj3-o8W1n-XlUTfemCA77EQlUoxGdXXDwzm...
inpagepush.com/impression/ 43 B
482 B 46ms
19ms Image
image/gif 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inpagepush.com/impression/C4LX3eFayrD52Sps_Dvg0fXbW1sNDK8D1t81vorkaiSWwrP460-gGmjVS9GhVd0yrDR4it21oWHyLvxbldOwx1hvZ0cwE0wMXHySN8VuFFqbOHcQ51_wQ1Ek6SH8CntwY7b-KkTNT3YLWhSQ0SsD7xQywMlk-9rSnymj3-o8W1n-XlUTfemCA77EQlUoxGdXXDwzmE5cNhnvUh2AJvnGR5FjIAF8-jlCthamm66muoW4rL3fFxLyVoYzgdzjb6bOAgHxDl7U4aD9_H5lA_3gnQ==?z=3156537&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fnewsus.app%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: c641a33a4911f105b40b535c472337c3
Pragma: no-cache
Date: Mon, 22 Jun 2020 19:52:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 01493259554841.png
static.ptoahaistais.com/contents/s/2c/8c/40/8c63c8c7eaf679414b65cbddb3/ Frame 652E 38 KB
39 KB 16ms
16ms Image
image/png 78.140.190.98
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/2c/8c/40/8c63c8c7eaf679414b65cbddb3/01493259554841.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3156537
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.190.98 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: d5d82acc41fadbf8ca744c4943c0768cb77029634fa36907b54e0cce89468e0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:14 GMT
Last-Modified: Wed, 26 Jun 2019 16:05:24 GMT
Server: nginx
ETag: "5d1397c4-97f9"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 38905

GET
H2

200

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2221ed997ef8f49ef%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewsus.app...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2221ed997ef8f49ef%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnews...

6 KB
3 KB

114ms
113ms

XHR
application/json

35.157.238.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2221ed997ef8f49ef%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewsus.app%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2262146%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221bec71fbd6d9f%22%2C%22pid%22%3A%2222279658%22%2C%22tid%22%3A%22f56a76a9-9736-4016-956e-a0c143f9c5e0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%223f3e8f378012c6%22%2C%22pid%22%3A%2222279666%22%2C%22tid%22%3A%2264114b66-1636-4f33-bff8-d4b3587b437c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b9af622e56a8f92ede87b6726480ef36ffc964e0b588383746dc8427f28cc8ed

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://newsus.app
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 2857

Redirect headers

date: Mon, 22 Jun 2020 19:52:14 GMT
status: 302
location: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2221ed997ef8f49ef%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewsus.app%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2262146%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221bec71fbd6d9f%22%2C%22pid%22%3A%2222279658%22%2C%22tid%22%3A%22f56a76a9-9736-4016-956e-a0c143f9c5e0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%223f3e8f378012c6%22%2C%22pid%22%3A%2222279666%22%2C%22tid%22%3A%2264114b66-1636-4f33-bff8-d4b3587b437c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://newsus.app
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 626 B
654 B 45ms
15ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=62146&adid=2&formatid=26300&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: d1129aac93c379a71c9aa2ea39229b00ae47379cbd3c211084f828fa5243ded0

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 23 Jun 2020 19:52:14 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
441 B 28ms
28ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://newsus.app
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 114ms
70ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d19d7b5bccdbd472fd3b2f30ee7c9b1fa716ea73d470c6b25261aacb67afb934

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Jun 2020 19:52:16 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.235:80
AN-X-Request-Uuid: a821ab71-3696-4b73-bf6a-b1654be5f7a2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://newsus.app
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 / Show response
shb.richaudience.com/hb/ 7 B
216 B 188ms
113ms XHR
text/html 116.202.160.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 2a31a0cf826c6e1e887b6fce54d63697c5090699531ddae153ded54d600b1689

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://newsus.app
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 7 B
216 B 158ms
85ms XHR
text/html 116.202.160.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: 2a31a0cf826c6e1e887b6fce54d63697c5090699531ddae153ded54d600b1689

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://newsus.app
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2a156/1/newsus.app/
Redirect Chain

https://ads.us.e-planning.net/hb/1/2a156/1/newsus.app/ROS?rnd=0.7871203082393969&e=26328%3A1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250%2B26300%3A300x250&ur=https%253A%252F...
https://ads.us.e-planning.net/hb/1/2a156/1/newsus.app/ROS?ct=1&rnd=0.7871203082393969&e=26328%3A1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250%2B26300%3A300x250&ur=https%253A...

705 B
1 KB

29ms
29ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2a156/1/newsus.app/ROS?ct=1&rnd=0.7871203082393969&e=26328%3A1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250%2B26300%3A300x250&ur=https%253A%252F%252Fnewsus.app%252F&r=pbjs&pbv=3.20.0&ncb=1&vs=FF&crs=UTF-8&fr=https%253A%252F%252Fnewsus.app%252F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: be4b36a55d2c99ccd42ec1b511d8bb270c4c67febef92614d408b244308bdc1f

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
server: openresty
status: 200
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://newsus.app
expires: Mon, 22 Jun 2020 19:52:14 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 705
x-sid: AMS-610

Redirect headers

date: Mon, 22 Jun 2020 19:52:14 GMT
server: openresty
status: 302
location: /hb/1/2a156/1/newsus.app/ROS?ct=1&rnd=0.7871203082393969&e=26328%3A1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250%2B26300%3A300x250&ur=https%253A%252F%252Fnewsus.app%252F&r=pbjs&pbv=3.20.0&ncb=1&vs=FF&crs=UTF-8&fr=https%253A%252F%252Fnewsus.app%252F&gdpr=0
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://newsus.app
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-610

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
472 B 148ms
104ms XHR
application/json 3.123.181.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.20.0&referrer=https%3A%2F%2Fnewsus.app%2F&tmax=3000&gdpr=false

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.181.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-181-23.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jun 2020 19:52:14 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://newsus.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK 3156537 Show response
inpagepush.com/500/ 10 B
709 B 104ms
104ms XHR
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3156537?excludes=6302564&oaid=30b42c76314a4fd1b36d076e8790c112&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fnewsus.app%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3156537

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 22 Jun 2020 19:52:14 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 10
X-Trace-Id: 423b9937c16417611a33aa9a93e9f158
Pragma: no-cache
Server: nginx
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: https://newsus.app
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 13 KB
5 KB 401ms
351ms Script
application/javascript 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=351755&pgid=1232602&fmtid=26328&async=1&visit=m&tmstp=1751344767&tgt=%3Bhb_adid%3Dundefined%3Bhb_pb%3Dundefined%3Bhb_bidder%3Dundefined%3Bhb_format%3D26328&tag=sas_26328&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fnewsus.app%2F&noadcbk=sas.noad
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: b79ae0923d4e66346a3cfc5f67993f0fa76d392d0d37f34ad281804da1cad8d2

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jun 2020 19:52:14 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 3%3b18%3b75
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 4785594
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET /
c.tmyzer.com/c/ 0
0

GET
H2 200 sas-floorad-2.0.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/floorad/ 34 KB
10 KB 14ms
14ms Script
application/x-javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/floorad/sas-floorad-2.0.js
Requested by: Host: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=351755&pgid=1232602&fmtid=26328&async=1&visit=m&tmstp=1751344767&tgt=%3Bhb_adid%3Dundefined%3Bhb_pb%3Dundefined%3Bhb_bidder%3Dundefined%3Bhb_format%3D26328&tag=sas_26328&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fnewsus.app%2F&noadcbk=sas.noad
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B79) /
Resource Hash: 914debadfa5bba7816846804e32010dee0e767a03a0686221770f5017e80e1c9

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 12:03:26 GMT
server: ECS (amb/6B79)
cache-control: max-age=86400
age: 27695
etag: "db3a46dccdca7aed8df91b0ba62647a9:1589285006"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
x-n: S
accept-ranges: bytes
content-length: 10528

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
2 KB 61ms
21ms Script
application/javascript 104.16.53.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=1097&s=https%3a%2f%2fnewsus.app&x=SmartAdserver&nci=4785594&nai=26328&adtg=sas_26328&si=351755&ip=185.217.171.12&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=284014832&di=
Requested by: Host: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=351755&pgid=1232602&fmtid=26328&async=1&visit=m&tmstp=1751344767&tgt=%3Bhb_adid%3Dundefined%3Bhb_pb%3Dundefined%3Bhb_bidder%3Dundefined%3Bhb_format%3D26328&tag=sas_26328&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fnewsus.app%2F&noadcbk=sas.noad
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1162
status: 200
content-length: 1146
cf-request-id: 037f2fb4f00000c7951fb7e200000001
last-modified: Tue, 02 Jun 2020 23:28:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5a788234bdc9c795-AMS
expires: Mon, 22 Jun 2020 21:52:14 GMT

GET
H2 200 st.min.html
ec-ns.sascdn.com/diff/rtb/handler/ Frame 8319 0
0 28ms
14ms Document
text/html 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ec-ns.sascdn.com/diff/rtb/handler/st.min.html?%7b%22bid%22%3a%22237387794747422652%22%2c%22adomain%22%3a%22soberberlin.com%22%2c%22page%22%3a%221232602%22%2c%22format%22%3a%2226328%22%2c%22crid%22%3a%226816004%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2267013%22%2c%22cid%22%3a%22669970%22%2c%22adid%22%3a%226816004%22%2c%22hash%22%3a%22-3175290429695038343%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/floorad/sas-floorad-2.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB2) /
Resource Hash

Request headers

:method: GET
:authority: ec-ns.sascdn.com
:scheme: https
:path: /diff/rtb/handler/st.min.html?%7b%22bid%22%3a%22237387794747422652%22%2c%22adomain%22%3a%22soberberlin.com%22%2c%22page%22%3a%221232602%22%2c%22format%22%3a%2226328%22%2c%22crid%22%3a%226816004%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2267013%22%2c%22cid%22%3a%22669970%22%2c%22adid%22%3a%226816004%22%2c%22hash%22%3a%22-3175290429695038343%22%7d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newsus.app/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://newsus.app/

Response headers

status: 200
content-encoding: gzip
age: 73970
cache-control: max-age=86400
content-type: text/html
date: Mon, 22 Jun 2020 19:52:14 GMT
etag: "cf77ec65ee9c36afad6942d47dda53fb:1515417051+gzip"
last-modified: Mon, 08 Jan 2018 13:10:51 GMT
server: ECS (amb/6BB2)
vary: Accept-Encoding
x-cache: HIT
content-length: 320

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 4CE4 2 KB
1 KB 77ms
31ms Script
application/x-javascript 185.29.134.233
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=sas&id=5aW95q2jLzIyLyAvWkdZd09HTXpaVGN0WldZMVlpMHdZell6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzU3MTQwOTExMDA1MDMwMDMzNzQvNjgxNjAwNC80NzM5NjE5LzM5L1dnZXR3U2o4STFzU2M3RnZseERyVUtIRExmZ3JYbFdaM2VhYWctLWlHTkkvMS8zOS8wLzAvOTk4MDg4LzMxMTgwNTAwNjAvMjE2NTM2LzY2OTk3MC8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzU3MTQwOTExMDA1MDMwMDMzNzQvenJoLzAvNTkzOS85MS85OTkvMC8xODUuMjE3LjE3MS4wLzAuMDAwLzE1OTI4NTU1MzQvMTU5Mjg2ODEzNC8zOS8/v7RntE6Wh3uUmQCRwxrQu3NSNFc&nodeid=1341&group=eu&auctionid=5714091100503003374&sid=4739619&cid=6816004&price=0.057730859&bp=a_ahcaab&nfy_act=LD5wfnw&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&bfip=185.29.132.131
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/floorad/sas-floorad-2.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.233 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.174.0 /
Resource Hash: a1150534afee02e3489483fd8e46c0b62401cae50db7c55f45d9f3291e993c32

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:14 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1592855534
Last-Modified: Mon, 22 Jun 2020 19:52:14 GMT
Server: MMBD/3.174.0
x-mm-latency: 17 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x28, zrh-bidder-x116
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Mon, 22 Jun 2020 19:52:13 GMT

GET
H/1.1 200
OK aip
ww1097.smartadserver.com/h/ Frame 4CE4 43 B
270 B 28ms
28ms Image
image/gif 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww1097.smartadserver.com/h/aip?tmstp=1751344767&ckid=8609138200558765411&pubid=18&systgt=%24qc%3d1313935576%3b%24ql%3dUnknown%3b%24qpc%3d3509%3b%24qt%3d212_97_40421t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d18%3b%24wpc%3d163%3b%24wpc%3d182&uii=237387794747375186&acd=1592855534450&envtype=0&visit=V&statid=19&tgt=%24dt%3d1t%3b%3bhb_adid%3dundefined%3bhb_pb%3dundefined%3bhb_bidder%3dundefined%3bhb_format%3d26328&imptype=0&pgDomain=https%3a%2f%2fnewsus.app%2f&capp=0&mcrdbt=1&insid=4785594&siteid=351755&imgid=0&pgid=1232602&fmtid=26328&rtb=1&rtbnid=1097&rtbbid=237387794747422652&rtbh=45990aa515a3c8de846fe88fd90505b0a182b05d&rtblt=637284523345378548&rtbet=0&rtbptnid=25&cftgid=4269677633d6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/floorad/sas-floorad-2.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jun 2020 19:52:14 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 close-retina.png
ced-ns.sascdn.com/diff/templates/images/ 2 KB
2 KB 15ms
14ms Image
image/png 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B71) /
Resource Hash: 4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
last-modified: Tue, 21 Nov 2017 13:19:51 GMT
server: ECS (amb/6B71)
age: 68071
etag: "dc45791e534223d16a4d14fa1a1a5f4e:1511270391"
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1802

GET
H/1.1 200
OK aip
ww1097.smartadserver.com/h/ 43 B
163 B 58ms
28ms Image
image/gif 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww1097.smartadserver.com/h/aip?tmstp=1751344767&ckid=8609138200558765411&pubid=18&systgt=%24qc%3d1313935576%3b%24ql%3dUnknown%3b%24qpc%3d3509%3b%24qt%3d212_97_40421t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d18%3b%24wpc%3d163%3b%24wpc%3d182&uii=237387794747375186&acd=1592855534450&envtype=0&visit=V&statid=19&tgt=%24dt%3d1t%3b%3bhb_adid%3dundefined%3bhb_pb%3dundefined%3bhb_bidder%3dundefined%3bhb_format%3d26328&imptype=0&pgDomain=https%3a%2f%2fnewsus.app%2f&capp=0&mcrdbt=1&insid=4785594&siteid=351755&imgid=0&pgid=1232602&fmtid=26328&rtb=1&rtbnid=1097&rtbbid=237387794747422652&rtbh=45990aa515a3c8de846fe88fd90505b0a182b05d&rtblt=637284523345378548&rtbet=0&rtbptnid=25&cftgid=4269677633d6&rtbnc=nc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:13 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 26 KB
21 KB 26ms
25ms Script
application/javascript 104.16.53.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1592855534850&ver1=2.2.3&qid=034393f5534393f5734363&rnd=prfiyx52tl6s&cid=647
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=1097&s=https%3a%2f%2fnewsus.app&x=SmartAdserver&nci=4785594&nai=26328&adtg=sas_26328&si=351755&ip=185.217.171.12&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=284014832&di=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0958288f0cd667bdfff1702b69ebf09c968968a6e3f46fba35aa7a6976c11df

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1165
status: 200
content-length: 20931
cf-request-id: 037f2fb5100000c7951fb81200000001
last-modified: Tue, 02 Jun 2020 23:28:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5a788234ee1fc795-AMS
expires: Mon, 22 Jun 2020 21:52:14 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
114 B 37ms
17ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1592855534905&rnd=prfiyx52tl6s&ifm=0&uai=2&cid=647&s=https%253A//newsus.app&p=1097&x=SmartAdserver&adtg=sas_26328&ats=0&atf=sas_26328&nsi=&si=351755&nci=4785594&nai=26328&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 593
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5a7882355d6a9778-FRA
content-length: 26
cf-request-id: 037f2fb55a00009778ea9a4200000001
expires: Mon, 22 Jun 2020 21:52:14 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
445 B 35ms
16ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1592855534897865&ver=1.2r81&qid=034393f5534393f5734363&p=1097&s=https%253A//newsus.app&x=SmartAdserver&cid=647&od1=&od2=&adtg=sas_26328&nci=4785594&nai=26328&si=351755&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=prfiyx52tl6s&impid=&tps=41&ver1=2.2.3&di=&flcb=284014832&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&ip=185.217.171.12&1=24a6f12b27dd47628bddc6b278127949&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%2267%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=sas_26328&dbgcid=647&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=23&icp=https%253A//newsus.app/&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-4-s-fl-24-x-fl-13-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-9-nci-fl-7-nai-fl-5-si-fl-6-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-di-fl-0-flcb-fl-9-ua-fl-132-ip-fl-14-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_9_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 19:52:14 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 594
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5a7882356d6d9778-FRA
content-length: 26
cf-request-id: 037f2fb55c00009778ea9a5200000001
expires: Mon, 22 Jun 2020 21:52:14 GMT

GET
H/1.1 200
OK qjrb633sv5h8 Show response
hal9000.redintelligence.net/zone/ Frame 4CE4 10 KB
3 KB 85ms
24ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/qjrb633sv5h8?subid=&rnd=5714091100503003374&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5714091100503003374%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3Dd4385ef1-0bee-4001-bef8-e2c2f6a3641f%26redirect%3D
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e4a7a34c97d34ce932b219d6f3ebeb4ff51b948dcc11779575a35797d08e1c32

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2790
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 4CE4 49 B
330 B 59ms
32ms Image
image/gif 185.29.134.233
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=5714091100503003374&node_id=1341&exch_id=39
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&id=5aW95q2jLzIyLyAvWkdZd09HTXpaVGN0WldZMVlpMHdZell6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzU3MTQwOTExMDA1MDMwMDMzNzQvNjgxNjAwNC80NzM5NjE5LzM5L1dnZXR3U2o4STFzU2M3RnZseERyVUtIRExmZ3JYbFdaM2VhYWctLWlHTkkvMS8zOS8wLzAvOTk4MDg4LzMxMTgwNTAwNjAvMjE2NTM2LzY2OTk3MC8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzU3MTQwOTExMDA1MDMwMDMzNzQvenJoLzAvNTkzOS85MS85OTkvMC8xODUuMjE3LjE3MS4wLzAuMDAwLzE1OTI4NTU1MzQvMTU5Mjg2ODEzNC8zOS8/v7RntE6Wh3uUmQCRwxrQu3NSNFc&nodeid=1341&group=eu&auctionid=5714091100503003374&sid=4739619&cid=6816004&price=0.057730859&bp=a_ahcaab&nfy_act=LD5wfnw&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&bfip=185.29.132.131
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.233 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.174.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:14 GMT
Server: MMBD/3.174.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x51, zrh-bidder-x116
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 22 Jun 2020 19:52:13 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 4CE4 43 B
360 B 39ms
39ms Image
image/gif 92.123.228.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=5714091100503003374&v3=669970&v4=4739619&v5=6816004&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&id=5aW95q2jLzIyLyAvWkdZd09HTXpaVGN0WldZMVlpMHdZell6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzU3MTQwOTExMDA1MDMwMDMzNzQvNjgxNjAwNC80NzM5NjE5LzM5L1dnZXR3U2o4STFzU2M3RnZseERyVUtIRExmZ3JYbFdaM2VhYWctLWlHTkkvMS8zOS8wLzAvOTk4MDg4LzMxMTgwNTAwNjAvMjE2NTM2LzY2OTk3MC8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzU3MTQwOTExMDA1MDMwMDMzNzQvenJoLzAvNTkzOS85MS85OTkvMC8xODUuMjE3LjE3MS4wLzAuMDAwLzE1OTI4NTU1MzQvMTU5Mjg2ODEzNC8zOS8/v7RntE6Wh3uUmQCRwxrQu3NSNFc&nodeid=1341&group=eu&auctionid=5714091100503003374&sid=4739619&cid=6816004&price=0.057730859&bp=a_ahcaab&nfy_act=LD5wfnw&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&bfip=185.29.132.131
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.228.239 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-228-239.deploy.static.akamaitechnologies.com
Software: MT3 2567 b8d0938 master zrh-pixel-x23 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:14 GMT
Server: MT3 2567 b8d0938 master zrh-pixel-x23
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Jun 2020 19:52:13 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 4CE4 49 B
330 B 62ms
35ms Image
image/gif 185.29.134.233
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=sas&bid=5714091100503003374&st=4739619&time=1592855534&nodeid=1341
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&id=5aW95q2jLzIyLyAvWkdZd09HTXpaVGN0WldZMVlpMHdZell6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzU3MTQwOTExMDA1MDMwMDMzNzQvNjgxNjAwNC80NzM5NjE5LzM5L1dnZXR3U2o4STFzU2M3RnZseERyVUtIRExmZ3JYbFdaM2VhYWctLWlHTkkvMS8zOS8wLzAvOTk4MDg4LzMxMTgwNTAwNjAvMjE2NTM2LzY2OTk3MC8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzU3MTQwOTExMDA1MDMwMDMzNzQvenJoLzAvNTkzOS85MS85OTkvMC8xODUuMjE3LjE3MS4wLzAuMDAwLzE1OTI4NTU1MzQvMTU5Mjg2ODEzNC8zOS8/v7RntE6Wh3uUmQCRwxrQu3NSNFc&nodeid=1341&group=eu&auctionid=5714091100503003374&sid=4739619&cid=6816004&price=0.057730859&bp=a_ahcaab&nfy_act=LD5wfnw&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&bfip=185.29.132.131
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.233 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.174.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 19:52:14 GMT
Server: MMBD/3.174.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x99, zrh-bidder-x116
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 22 Jun 2020 19:52:13 GMT

GET
H/1.1

200
OK

request.php Show response
hal900018.redintelligence.net/ Frame 4CE4
Redirect Chain

https://hal900018.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=5431832896&subid=&uid=2e2a6b6e170f2ada&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900018.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=5431832896&subid=&uid=2e2a6b6e170f2ada&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

134ms
83ms

Script
application/x-javascript

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=5431832896&subid=&uid=2e2a6b6e170f2ada&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5714091100503003374%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3Dd4385ef1-0bee-4001-bef8-e2c2f6a3641f%26redirect%3D&documentReferer=https%3A%2F%2Fnewsus.app%2F&ancestorOrigins=https%3A%2F%2Fnewsus.app&random=4415881638942&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: newsus.app
URL: https://newsus.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 96a6ec52c7a0212e34566fc511af442962dd58b70234318d7d4df5a86f552efd

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jun 2020 19:52:15 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 90489300273697701041198011268018
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 727
Expires: Mon, 22 Jun 2020 20:52:15 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 22 Jun 2020 19:52:15 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=5431832896&subid=&uid=2e2a6b6e170f2ada&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5714091100503003374%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3Dd4385ef1-0bee-4001-bef8-e2c2f6a3641f%26redirect%3D&documentReferer=https%3A%2F%2Fnewsus.app%2F&ancestorOrigins=https%3A%2F%2Fnewsus.app&random=4415881638942&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 22 Jun 2020 20:52:15 +0200

GET
H/1.1 200
OK request_content.php
hal900018.redintelligence.net/ Frame 1024 0
0 77ms
26ms Document
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request_content.php?s=90489300273697701041198011268018&a=5c93581a
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=qjrb633sv5h8&nw=20&renderingType=javascript&namespace=5431832896&subid=&uid=2e2a6b6e170f2ada&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D5714091100503003374%26mt_id%3D6816004%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3Dd4385ef1-0bee-4001-bef8-e2c2f6a3641f%26redirect%3D&documentReferer=https%3A%2F%2Fnewsus.app%2F&ancestorOrigins=https%3A%2F%2Fnewsus.app&random=4415881638942&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal900018.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newsus.app/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=0ca62d789033521a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://newsus.app/

Response headers

Date: Mon, 22 Jun 2020 19:52:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 22 Jun 2020 20:52:15 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2144
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

cshow.php
www.zenaps.com/ Frame 4CE4
Redirect Chain

https://www.awin1.com/cshow.php?s=2664739&v=8488&q=391888&r=235229&pref1=90489300273697701041198011268018&pv=1
https://www.zenaps.com/cshow.php?pvr=df317671-b4c1-11ea-a4a2-692d04ea0f64&v=8488&r=235229&q=391888&s=2664739&viewref=90489300273697701041198011268018&pv=1

43 B
705 B

79ms
42ms

Image
image/gif

23.199.220.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zenaps.com/cshow.php?pvr=df317671-b4c1-11ea-a4a2-692d04ea0f64&v=8488&r=235229&q=391888&s=2664739&viewref=90489300273697701041198011268018&pv=1

Requested by

Host: newsus.app
URL: https://newsus.app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.199.220.85 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-220-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://newsus.app/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jun 2020 19:52:15 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

Redirect headers

Date: Mon, 22 Jun 2020 19:52:15 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.zenaps.com/cshow.php?pvr=df317671-b4c1-11ea-a4a2-692d04ea0f64&v=8488&r=235229&q=391888&s=2664739&viewref=90489300273697701041198011268018&pv=1
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.tmyzer.com
URL: https://c.tmyzer.com/c/?s=62146&f=6&fi=0

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newsus.app/	1970-01-19 10:27:37	Name: _ym_visorc_55805035 Value: w
.newsus.app/	1970-01-19 19:13:11	Name: _ym_d Value: 1592855524
.newsus.app/	1970-01-19 19:13:11	Name: _ym_uid Value: 1592855524683841865
.newsus.app/	1970-01-19 10:28:47	Name: _ym_isad Value: 2
.newsus.app/	1970-01-19 11:10:47	Name: __cfduid Value: d2a192228870c68f32820580710a98dd01592855524

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://newsus.app/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v34/cmpui-banner.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	log	(Line 1) Message: service worker path (u): /sw.js event domain: https://propu.sh
console-api	log	URL: https://ads.themoneytizer.com/s/requestform.js?siteId=62146&formatId=6(Line 613) Message: undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
ads.us.e-planning.net
adtrack.adleadevent.com
ajax.googleapis.com
apis.quantcast.mgr.consensu.org
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
c.tmyzer.com
ced-ns.sascdn.com
d2zur9cc2gf1tx.cloudfront.net
ec-ns.sascdn.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
gum.criteo.com
hal9000.redintelligence.net
hal900018.redintelligence.net
ib.adnxs.com
ice.360yield.com
inpagepush.com
itpatratr.com
js-sec.indexww.com
match.adsrvr.org
mc.yandex.ru
my.rtmark.net
newsus.app
ofgogoatan.com
onetag-sys.com
p.cpx.to
pixel.mathtag.com
pixel.yabidos.com
pre.glotgrx.com
propu.sh
quantcast.mgr.consensu.org
rules.quantcount.com
script.4dex.io
secure.quantserve.com
shb.richaudience.com
spl.zeotap.com
static.ptoahaistais.com
static.quantcast.mgr.consensu.org
tag.contextweb.com
tag.leadplace.fr
tags.mathtag.com
tlx.3lift.com
vendorlist.consensu.org
ww1097.smartadserver.com
www.awin1.com
www.zenaps.com
c.tmyzer.com
104.16.53.4
116.202.160.31
13.226.156.73
138.201.84.252
139.45.196.10
139.45.196.196
139.45.196.95
143.204.247.117
143.204.247.38
144.76.91.199
145.239.193.145
145.239.193.51
151.139.241.23
185.29.134.233
185.86.137.17
188.42.160.46
198.148.27.132
206.54.165.181
23.199.220.85
23.203.80.189
2600:9000:215d:4400:9:46dc:4700:93a1
2600:9000:215d:e200:1:af78:4c0:93a1
2600:9000:2182:4000:6:44e3:f8c0:93a1
2600:9000:2182:7400:9:46dc:4700:93a1
2606:4700:10::6816:1957
2606:4700:3037::681b:812e
2606:4700::6810:3f36
2606:4700:e2::ac40:8620
2a00:1450:4001:808::200a
2a00:1450:4001:814::200a
2a00:1450:4001:821::2003
2a02:2638:1::13
2a02:6b8::1:119
3.123.181.23
35.157.238.72
37.252.172.38
5.178.65.246
51.89.9.253
52.58.64.30
54.228.220.169
63.33.80.49
68.232.35.16
72.247.225.98
78.140.190.98
91.228.74.198
92.123.228.239
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00aacaebd7cde9799722dfabc10c9ec1d6df81e9b1c540fbc832ba3cda8f8166
01a97e4a78eae544d967053bfcc6e740b2eaf50cf1b4399d96a56cc06f2bc720
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
09a986c42fe27cda020dbd47d625f597832077fe9a8354ef9bdc264914cb57f0
0d27d5211e33c6a577d22f8b8d80fc65b4547573d12a9c32f4fc651641bd0956
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405
2a31a0cf826c6e1e887b6fce54d63697c5090699531ddae153ded54d600b1689
2a61b76500f92d212da51805bf1d1a36443ff39c405b57d86f7729be7cb35ecf
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30621ef00f58adf18b716634957984c221af0634eddad78b7143da2551ad9ba3
36a52c3b1ca6a9802f90bab0809d0bec59a186b8415f6da63f377665b1f9be66
380333b0b75ec9ad51d95668ab00662d4c63a0913ec1c10304c6f312e1ee2c8e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f6464f9ad74909c3fdc357f6062e3e90f71c994a19154e7b27a148185848b9a
401a6999717effb54afb71c8b55282babef2ec1f19685525da52c854239457ef
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50d22562075c75280f7ae096c504a62df766e9c664228cbe4eb8c67dc81915fc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
563e10d9c4457036087d97d9bbb2b6665b04eb5b4f747e643d1cbb24dd00ef09
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
6dd9e40b5de991edb0612cce69020546b07e57ac907489f3024b5a4ccf681d0d
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
75640482af4dae0d5eb717cef6e463f76e861d1fd63d45d856bfa70d3655d6d1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
86035b8fe52cc2791c8e194d863bb7b5d720fcc69c14e071ca65b6e90c200885
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ccf4d144b169c2ce86fde8a159dcd4658730429abce2755cbb880215869b787
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
914debadfa5bba7816846804e32010dee0e767a03a0686221770f5017e80e1c9
922014228b35f797405be950c40370b64e8c71b7dce9c69b38b8fbe0c5a0f4dc
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
96a6ec52c7a0212e34566fc511af442962dd58b70234318d7d4df5a86f552efd
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
97a5f702c435584479c47011fc3e4e83b5af1f0c177f0eb810db21e42fd2b446
9927bfa69df2f37ab9bf7766fc14a8bbfa91940a9ddcd30132d90e8b6352330a
9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177
9af54c66fca6a74907e6033747a9ad304a3079cc1e85166db9f3e984d6c7cf9f
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
a1150534afee02e3489483fd8e46c0b62401cae50db7c55f45d9f3291e993c32
a4e4a93e4a9fb48a74c82bcafe12ba946e478ac750ca0219b13f3a0f66fa2035
a598a7dda70f0d08bdc5d3f5e112b69c7ba8544cf9b33ab4eb778a91993e7eee
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
a97b0fb088692ffa1f3b0002992056bad40eb44b63bfdb8902a1be38f5f78845
aacfea8f5aeaf77f83c91342681081a83c71af26e6e7e0744d550aad77cca3ed
ae9a4cb28029fecf8f9a50d23d19dc51186f14880768528c8541807615d34327
b0958288f0cd667bdfff1702b69ebf09c968968a6e3f46fba35aa7a6976c11df
b136f1ce96ba09ca19cbccce85817458357591e42e3fb48199ebe6c308524380
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b4d5d27cf99c2da1dc40c4bcefa51877e1458d9656c0feea7c2d3c941f6feb99
b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a
b79ae0923d4e66346a3cfc5f67993f0fa76d392d0d37f34ad281804da1cad8d2
b9af622e56a8f92ede87b6726480ef36ffc964e0b588383746dc8427f28cc8ed
bba1c5a6e9e1dfefaff064abb4afb4276f3c2249eadf6960be3da59474e53744
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
be27164578693a56994c1415e7b09992723585283a123ca62dc540a9597737bc
be4b36a55d2c99ccd42ec1b511d8bb270c4c67febef92614d408b244308bdc1f
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
cc090762aca3b007fdfd68db1c377a93233dc8ec6efb305aeea7e99f992b8a54
d1129aac93c379a71c9aa2ea39229b00ae47379cbd3c211084f828fa5243ded0
d19d7b5bccdbd472fd3b2f30ee7c9b1fa716ea73d470c6b25261aacb67afb934
d22cb42b4f65e1e7bd2bea8dd4f474e2ba3dc0097e5c093d4f6e1b25fb876a35
d5d82acc41fadbf8ca744c4943c0768cb77029634fa36907b54e0cce89468e0b
dc810823a23679d0e104b8dd8fe274ac686ae193c1d888ecfda089d8eca415b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a7a34c97d34ce932b219d6f3ebeb4ff51b948dcc11779575a35797d08e1c32
e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
ec418f6f4070ef17c8fe9d395d260ab8449e3a2af8e792e0fcb4643a31e5ef78
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
f869c2dff8faee0c62fe6b9eb479f2b326557fadefd778d35dabb9d7cd18a958
fd4ea9fe87a1815ec6bfb3c0c4c20a55c5d26612ab85f08b20f6ffd3a84aa493
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

newsus.app Open in urlscan Pro 2606:4700:3037::681b:812e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

99 Requests

99 %HTTPS

28 %IPv6

41 Domains

49 Subdomains

46 IPs

8 Countries

1456 kBTransfer

3176 kBSize

5 Cookies

0 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newsus.app Open in urlscan Pro
2606:4700:3037::681b:812e Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

99 %
HTTPS

28 %
IPv6

41
Domains

49
Subdomains

46
IPs

8
Countries

1456 kB
Transfer

3176 kB
Size

5
Cookies

99 HTTP transactions
1 data transactions