www.newscon.org Open in urlscan Pro
51.79.250.224 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://newscon.net/getlink
Effective URL:
https://www.newscon.org/d3/
Submission: On September 19 via manual (September 19th 2024, 4:49:07 am UTC) from CA — Scanned from SG

Summary HTTP 59 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 59 HTTP transactions. The main IP is 51.79.250.224, located in Singapore, Singapore and belongs to OVH, FR. The main domain is www.newscon.org.
TLS certificate: Issued by R10 on July 31st 2024. Valid for: 3 months.

This is the only time www.newscon.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 15	51.79.250.224 51.79.250.224	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.200.105 74.125.200.105	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c00::61	15169 (GOOGLE) (GOOGLE)
4	74.125.200.154 74.125.200.154	15169 (GOOGLE) (GOOGLE)
2	172.67.170.41 172.67.170.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2404:6800:400... 2404:6800:4003:c01::5f	15169 (GOOGLE) (GOOGLE)
11	2600:9000:223... 2600:9000:223b:800:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4003:c03::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:aa29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.200.99 74.125.200.99	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c05::8a	15169 (GOOGLE) (GOOGLE)
1	95.217.58.251 95.217.58.251	24940 (HETZNER-AS) (HETZNER-AS)
2	74.125.200.102 74.125.200.102	15169 (GOOGLE) (GOOGLE)
1	52.59.78.184 52.59.78.184	16509 (AMAZON-02) (AMAZON-02)
8	144.76.128.227 144.76.128.227	24940 (HETZNER-AS) (HETZNER-AS)
1	2404:6800:400... 2404:6800:4003:c0f::94	15169 (GOOGLE) (GOOGLE)
3	142.251.175.156 142.251.175.156	15169 (GOOGLE) (GOOGLE)
59	20

15 51.79.250.224 (Singapore, Singapore) 4 redirects

ASN16276 (OVH, FR)
PTR: vps-c0ef9e6e.vps.ovh.ca

newscon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.newscon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c00::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.170.41 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.profitsence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c01::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:223b:800:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c03::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:aa29 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.profitsence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c05::8a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.58.251 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.251.58.217.95.clients.your-server.de

serving.profitsence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f102.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.78.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-78-184.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 144.76.128.227 (Mainz, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ap16.adplayer.pro

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::94 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.175.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	newscon.org 3 redirects www.newscon.org	94 KB
12	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 5339 api.cmp.inmobi.com — Cisco Umbrella Rank: 20196	331 KB
8	stat-rock.com serving.stat-rock.com — Cisco Umbrella Rank: 36138	3 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 407 imasdk.googleapis.com — Cisco Umbrella Rank: 506	175 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
4	profitsence.com tags.profitsence.com — Cisco Umbrella Rank: 307433 serving.profitsence.com — Cisco Umbrella Rank: 958845	117 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213	180 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115	14 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	168 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	994 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 368	17 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 797	9 KB
1	gstatic.com www.gstatic.com	213 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 215	11 KB
1	newscon.net 1 redirects newscon.net	271 B
59	15

	Domain	Requested by
14	www.newscon.org	3 redirects www.newscon.org
11	cmp.inmobi.com	www.newscon.org cmp.inmobi.com
8	serving.stat-rock.com	serving.profitsence.com
4	imasdk.googleapis.com	serving.profitsence.com imasdk.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	securepubads.g.doubleclick.net	www.newscon.org securepubads.g.doubleclick.net imasdk.googleapis.com
3	pagead2.googlesyndication.com	imasdk.googleapis.com
3	tags.profitsence.com	www.newscon.org tags.profitsence.com
2	www.googletagmanager.com	www.newscon.org www.googletagmanager.com
2	www.google.com	www.newscon.org www.gstatic.com
1	s0.2mdn.net	imasdk.googleapis.com
1	api.cmp.inmobi.com	cmp.inmobi.com
1	serving.profitsence.com	tags.profitsence.com
1	unpkg.com	www.newscon.org
1	www.gstatic.com	www.google.com
1	ajax.googleapis.com	www.newscon.org
1	cdnjs.cloudflare.com	www.newscon.org
1	newscon.net	1 redirects
59	18

This site contains links to these domains. Also see Links.

Domain
www.profitsence.com

Subject Issuer	Validity	Valid
newscon.org R10	`2024-07-31` - `2024-10-29`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
profitsence.com Cloudflare Inc ECC CA-3	`2024-02-16` - `2024-12-31`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2024-07-31` - `2025-07-31`	a year	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
unpkg.com WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
serving.profitsence.com R11	`2024-08-11` - `2024-11-09`	3 months	crt.sh
serving.stat-rock.com R11	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.newscon.org/d3/
Frame ID: BC4FEA7421F0B4AFF7826B6427A02AB3
Requests: 53 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEqocbAAAAAHlPikAWDldT6ToOJqj5BG6zNz8d&co=aHR0cHM6Ly93d3cubmV3c2Nvbi5vcmc6NDQz&hl=en&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=n7yc6wg3p6i9
Frame ID: F03E17F57723F6B9299A41982AA3ED03
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html
Frame ID: 78F9255EFF6986FC5559FF4E0B956A4A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F88256E495FDB2D7EF9D8ACE4F97F7AF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html
Frame ID: 7C77AAD287F49F1CA44262901EFBC643
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 51E544CC0E1520F1F9BE82E1399A0B02
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html
Frame ID: 68854F0929B7CEE4E95366A25E09A8FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F7F035A4F97C8D5314BD961E23C3D607
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get link 4share, get link fshare, 1fichier, rapidgator, katfile ... premium link generator

Page URL History Show full URLs

https://newscon.net/getlink HTTP 301
https://www.newscon.org/getlink HTTP 301
https://www.newscon.org/downloader HTTP 301
https://www.newscon.org/downloader/ HTTP 302
https://www.newscon.org/d3/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

59
Requests

100 %
HTTPS

47 %
IPv6

15
Domains

18
Subdomains

20
IPs

4
Countries

1351 kB
Transfer

6182 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.profitsence.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://newscon.net/getlink HTTP 301
https://www.newscon.org/getlink HTTP 301
https://www.newscon.org/downloader HTTP 301
https://www.newscon.org/downloader/ HTTP 302
https://www.newscon.org/d3/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.newscon.org/d3/
Redirect Chain

https://newscon.net/getlink
https://www.newscon.org/getlink
https://www.newscon.org/downloader
https://www.newscon.org/downloader/
https://www.newscon.org/d3/

25 KB
6 KB

23ms
23ms

Document
text/html

51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newscon.org/d3/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

vps-c0ef9e6e.vps.ovh.ca

Software

nginx /

Resource Hash

d8fefb6ef3eb57a87850a6890b72010d3a2b39c0f1e02160f993c392ebd6414a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 19 Sep 2024 04:49:01 GMT
referrer-policy: same-origin
server: nginx
vary: Accept-Encoding Origin, Cookie
x-content-type-options: nosniff

Redirect headers

content-language: en
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 19 Sep 2024 04:49:01 GMT
location: /d3/
referrer-policy: same-origin
server: nginx
vary: Origin, Cookie
x-content-type-options: nosniff

GET
H2 200 output.c74835aa9ce7.css
www.newscon.org/static/CACHE/css/ 502 KB
64 KB 41ms
33ms Stylesheet
text/css 51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newscon.org/static/CACHE/css/output.c74835aa9ce7.css
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-c0ef9e6e.vps.ovh.ca
Software: nginx /
Resource Hash: c74835aa9ce7202c93e6ec8d3de6d700c93968d78ee1aec606f3e46d2dcc9895

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.newscon.org/d3/

Response headers

cache-control: max-age=2592000, max-age=2629746, public
content-encoding: gzip
etag: W/"66ebac1f-7d6c1"
expires: Sat, 19 Oct 2024 04:49:01 GMT
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 04:44:15 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 output.cf852c4319bc.css
www.newscon.org/static/CACHE/css/ 2 KB
901 B 45ms
37ms Stylesheet
text/css 51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newscon.org/static/CACHE/css/output.cf852c4319bc.css
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-c0ef9e6e.vps.ovh.ca
Software: nginx /
Resource Hash: cf852c4319bc0c0fd4cac6a3b4ba61bc80c4cef8a8a646e238d15a9b08899976

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.newscon.org/d3/

Response headers

cache-control: max-age=2592000, max-age=2629746, public
content-encoding: gzip
etag: W/"66ebac1f-6fe"
expires: Sat, 19 Oct 2024 04:49:01 GMT
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 04:44:15 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 output.94d49d382861.css
www.newscon.org/static/CACHE/css/ 7 KB
3 KB 47ms
39ms Stylesheet
text/css 51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newscon.org/static/CACHE/css/output.94d49d382861.css
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-c0ef9e6e.vps.ovh.ca
Software: nginx /
Resource Hash: 94d49d382861a206a7c2c07456a6ba7fdba3c6ff22f8fbb23e90c72ffa0acb43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.newscon.org/d3/

Response headers

cache-control: max-age=2592000, max-age=2629746, public
content-encoding: gzip
etag: W/"66ebac1f-1c2b"
expires: Sat, 19 Oct 2024 04:49:01 GMT
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 04:44:15 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 output.dff4fa840b02.css
www.newscon.org/static/CACHE/css/ 1 KB
808 B 45ms
38ms Stylesheet
text/css 51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newscon.org/static/CACHE/css/output.dff4fa840b02.css
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-c0ef9e6e.vps.ovh.ca
Software: nginx /
Resource Hash: dff4fa840b02caf2b7d59fdce38a1658db0682f41e315ac1100871a09b95014b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.newscon.org/d3/

Response headers

cache-control: max-age=2592000, max-age=2629746, public
content-encoding: gzip
etag: W/"66ebac1f-5a3"
expires: Sat, 19 Oct 2024 04:49:01 GMT
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 04:44:15 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 54ms
12ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: www.newscon.org
URL: https://www.newscon.org/d3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6599bda5-28f2"
age: 23667
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKksI7FWiKnogBkwQvYWMk8lC3ZL%2Bs4wNdNVvAGAPq%2FGfq3mBEzdFszgOOmna%2FTFkktm6bsZ24TRrnwHVsVQBz%2BHUmxhczlRI9CuriwUGKt9SVYqliG%2BDE%2BGgZhy6mSfj%2BPhrIoe8jdeUPvim%2F6a%2FuxT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 09 Sep 2025 04:49:01 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:52:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c56f2621f960217-SIN
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10482
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
994 B 41ms
24ms Script
text/javascript 74.125.200.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdEqocbAAAAAHlPikAWDldT6ToOJqj5BG6zNz8d

Requested by

Host: www.newscon.org
URL: https://www.newscon.org/d3/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f105.1e100.net

Software

ESF /

Resource Hash

dfdc8b42a711c151b1ec53aeb71a0dc609833d1225c07bf9cc88bd29c201b6c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 04:49:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 19 Sep 2024 04:49:01 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
73 KB 76ms
17ms Script
application/javascript 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57784662-9

Requested by

Host: www.newscon.org
URL: https://www.newscon.org/d3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23c7ce5c8fe7a91ccaa3d15a800ad5186faf19d7ee61e43948fdc9767c0742c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 04:49:01 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74393
date: Thu, 19 Sep 2024 04:49:01 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 icons8-menu.svg
www.newscon.org/static/img/ 232 B
438 B 44ms
39ms Image
image/svg+xml 51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newscon.org/static/img/icons8-menu.svg
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-c0ef9e6e.vps.ovh.ca
Software: nginx /
Resource Hash: 6526af87d06c443d8c396322e77d1789ab7fea474b7ca35183a5ea13b4b5c4ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.newscon.org/d3/

Response headers

cache-control: max-age=2592000, max-age=2629746, public
etag: "631d75e9-e8"
expires: Sat, 19 Oct 2024 04:49:01 GMT
accept-ranges: bytes
content-length: 232
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: image/svg+xml
last-modified: Sun, 11 Sep 2022 05:45:13 GMT
server: nginx

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
31 KB 70ms
16ms Script
text/javascript 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.newscon.org
URL: https://www.newscon.org/d3/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

d397112399ea2c51ae330174a2db972adc0b2a8edd90f9bff7f249ce0f0bbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 825 / 19985 / m202409130501 / config-hash: 11188666388358424679
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 04:49:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 31965
x-xss-protection: 0
server: cafe

GET
H2 200 output.b3321646b267.js Show response
www.newscon.org/static/CACHE/js/ 3 KB
990 B 44ms
39ms Script
application/javascript 51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newscon.org/static/CACHE/js/output.b3321646b267.js
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-c0ef9e6e.vps.ovh.ca
Software: nginx /
Resource Hash: b3321646b267b08b6cf88cc952315c4e04e1f5b5275f31f7f195fbf203da8428

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.newscon.org/d3/

Response headers

cache-control: max-age=2592000, max-age=2629746, public
content-encoding: gzip
etag: W/"66ebac1f-c17"
expires: Sat, 19 Oct 2024 04:49:01 GMT
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 04:44:15 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 output.60f89923f5d8.js Show response
www.newscon.org/static/CACHE/js/ 301 B
459 B 11ms
7ms Script
application/javascript 51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newscon.org/static/CACHE/js/output.60f89923f5d8.js
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-c0ef9e6e.vps.ovh.ca
Software: nginx /
Resource Hash: 60f89923f5d8de745bd47a363d1d5dbd7cd0924192f8ec30bf65cee2f575ebc6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.newscon.org/d3/

Response headers

cache-control: max-age=2592000, max-age=2629746, public
content-encoding: gzip
etag: W/"66ebac1f-12d"
expires: Sat, 19 Oct 2024 04:49:01 GMT
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 04:44:15 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 profitSenceAdRotationV1.js Show response
tags.profitsence.com/scripts/ 4 KB
2 KB 158ms
73ms Script
application/x-javascript 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.profitsence.com/scripts/profitSenceAdRotationV1.js
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8cb49f3e2f94dc2521361a4d7b5d6156ed611ba25da3e67921ee5f907b1ef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"e69-66090d4c-cfafb;br"
age: 597202
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SRFYh0kWDrA2grxVtJJLvlQipoN%2Bxuftkicx3NEAkZZCgMJWAFokd8zbMuRk%2Fz6a6Vfdgon4tKnGnoj7U88xk7nLtPrZ5%2Ff3KiiA9g%2B5Ty05FcrQkzcqB6i4GH7AtGda%2BBiehCc3WA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 16 May 2024 05:39:18 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: application/x-javascript
last-modified: Sun, 31 Mar 2024 07:14:20 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c56f262dfb30510-HKG
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 23ms
5ms Script
text/javascript 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.newscon.org
URL: https://www.newscon.org/d3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 48524
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 15:20:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 15:20:17 GMT
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30774
x-xss-protection: 0
server: sffe

GET
H2 200 output.b961d9ad6b6a.js Show response
www.newscon.org/static/CACHE/js/ 4 KB
1 KB 42ms
35ms Script
application/javascript 51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newscon.org/static/CACHE/js/output.b961d9ad6b6a.js
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-c0ef9e6e.vps.ovh.ca
Software: nginx /
Resource Hash: b961d9ad6b6aae8d1def1387fc5b53d2ebaa6f262e8d9fabcd512299dfc68eee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.newscon.org/d3/

Response headers

cache-control: max-age=2592000, max-age=2629746, public
content-encoding: gzip
etag: W/"66ebac1f-f0b"
expires: Sat, 19 Oct 2024 04:49:01 GMT
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 04:44:15 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 choice.js Show response
cmp.inmobi.com/choice/5Fctf_7A488Hn/www.newscon.org/ 4 KB
2 KB 802ms
711ms Script
application/javascript 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/5Fctf_7A488Hn/www.newscon.org/choice.js?tag_version=V3
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0968837a337df2748ab54477ea6203a095da6b9c51cd4c33694d8cc0df38faa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
cache-control: max-age=900
content-encoding: gzip
etag: W/"a54f5aa744d037bed95a9dad018f717d"
cross-origin-resource-policy: cross-origin
via: 1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: OhJjOyyda9Jz7Ta01k0ZCW0dCnMWSjPqVZUiNfqhLT78_EK5tN-wgw==
date: Thu, 19 Sep 2024 04:49:03 GMT
content-type: application/javascript
last-modified: Mon, 01 Jul 2024 09:12:20 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 538 KB
213 KB 62ms
4ms Script
text/javascript 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdEqocbAAAAAHlPikAWDldT6ToOJqj5BG6zNz8d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.newscon.org
Referer

Response headers

content-encoding: gzip
age: 128938
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 17:00:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 17:00:03 GMT
last-modified: Tue, 03 Sep 2024 02:00:38 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 217247
x-xss-protection: 0
server: sffe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409130501/ 477 KB
149 KB 54ms
51ms Script
text/javascript 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409130501/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

a2db6f5816e22bc5c271d00a5f39c5bed544219fa9ec6620e9028704c58799a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 15411602477199946532
age: 46669
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 15:51:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 18 Sep 2024 15:51:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 152107
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
311 B 127ms
38ms XHR
application/json 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newscon.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

a6187f739d9614daece8600e68f18b4aef7008db7f172339ae903ea0cae7221c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 04:49:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 286
date: Thu, 19 Sep 2024 04:49:02 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 infinite-scroll.pkgd.min.js Show response
unpkg.com/infinite-scroll@4.0.1/dist/ 22 KB
9 KB 141ms
25ms Script
application/javascript 2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/infinite-scroll@4.0.1/dist/infinite-scroll.pkgd.min.js

Requested by

Host: www.newscon.org
URL: https://www.newscon.org/d3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c9e9d369b235905c32e3ae399f4499cc30e60a1180be631d548ca2f98099ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "580b-Xe7Ul/wyjnKNvkk83TW0OY72vHA"
age: 11355596
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 04:49:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HXHW84MH2E5JWH85Y5JZ7QWT-sin
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8c56f263eec149c6-SIN
access-control-allow-origin: *
server: cloudflare

GET
H2 200 main2.js Show response
www.newscon.org/static/js/ 930 B
652 B 48ms
47ms Script
application/javascript 51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newscon.org/static/js/main2.js
Requested by: Host: www.newscon.org
URL: https://www.newscon.org/d3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-c0ef9e6e.vps.ovh.ca
Software: nginx /
Resource Hash: 3afdccf9f0dd4c0a891584211e9006905551d8cb90c0c64663cee7a3c2feb797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.newscon.org/d3/

Response headers

cache-control: max-age=2592000, max-age=2629746, public
content-encoding: gzip
etag: W/"631d75e9-3a2"
expires: Sat, 19 Oct 2024 04:49:01 GMT
date: Thu, 19 Sep 2024 04:49:01 GMT
content-type: application/javascript
last-modified: Sun, 11 Sep 2022 05:45:13 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 getTags Show response
tags.profitsence.com/API/account/ 550 B
845 B 397ms
319ms Fetch
application/json 2606:4700:3033::ac43:aa29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.profitsence.com:2053/API/account/getTags?adId=ps_ad_rotation_id_7973&adCount=1&countryCode=
Requested by: Host: tags.profitsence.com
URL: https://tags.profitsence.com/scripts/profitSenceAdRotationV1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:aa29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a5967fdaf1d23974f34a00ea435e9617381f65d4e6b98a1109631a1851d26776

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"226-cDbu5XWQpEvyjwKvU2YC5y2vsuA"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fGmNCA0%2F%2FQTfIt9hl4I9d5FJ94yAQiPSXRlEHs1w2BcKbCbz2blwqTHzP7HroeEDxdxZoemrEhZ4Jn4%2FAwBv8qIS8PKSErzmaQkOwFZiZfELMfaX4UeNkVb4va4ktfuIESFBwQfIsmTkliMZ%2FEYIAGxQC5GLns5v"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c56f263db7a46a3-SIN
access-control-allow-origin: *
alt-svc: h3=":2053"; ma=86400
date: Thu, 19 Sep 2024 04:49:02 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
95 KB 37ms
35ms Script
application/javascript 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-067DPYH9L6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57784662-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8090ca250ec22513c900d02355211826e6614674839a19e8401935fc2b30402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 04:49:02 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96745
date: Thu, 19 Sep 2024 04:49:02 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame F03E 0
0 38ms
31ms Document
text/html 74.125.200.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdEqocbAAAAAHlPikAWDldT6ToOJqj5BG6zNz8d&co=aHR0cHM6Ly93d3cubmV3c2Nvbi5vcmc6NDQz&hl=en&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=n7yc6wg3p6i9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f99.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nHdjiCdX1aMq8SZnD3EOeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-nHdjiCdX1aMq8SZnD3EOeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Sep 2024 04:49:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 68ms
12ms Fetch
text/plain 2404:6800:4003:c05::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-067DPYH9L6&gtm=45je49h0v874882467za200&_p=1726721341815&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=503464759.1726721342&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1726721342&sct=1&seg=0&dl=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&dt=Get%20link%204share%2C%20get%20link%20fshare%2C%201fichier%2C%20rapidgator%2C%20katfile%20...%20premium%20link%20generator&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=668
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-067DPYH9L6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c05::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.newscon.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 04:49:02 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 profitsence.js Show response
serving.profitsence.com/player/ 353 KB
110 KB 1496ms
182ms Script
application/javascript 95.217.58.251
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.profitsence.com/player/profitsence.js
Requested by: Host: tags.profitsence.com
URL: https://tags.profitsence.com/scripts/profitSenceAdRotationV1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.58.251 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.251.58.217.95.clients.your-server.de
Software: nginx /
Resource Hash: bfd10978f925c773ed67664c1f0b0b243ed99abf55187b9c961f9f89529c2adb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=600
content-encoding: gzip
etag: W/"667a7210-58355"
date: Thu, 19 Sep 2024 04:49:03 GMT
content-type: application/javascript
last-modified: Tue, 25 Jun 2024 07:30:24 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 454 KB
115 KB 27ms
27ms Script
text/javascript 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.newscon.org
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/choice/5Fctf_7A488Hn/www.newscon.org/choice.js?tag_version=V3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b2fbcf56b81553fd91d8ababd2313424528482d89594d7b541708878c9c7684

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
etag: W/"ea02a14ea4ab855554e21044517f9595"
age: 2296
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: sDJHvLNRfDDrkYMqaVqn340mlNMvSeZRzUxt24HyJBVTVZ2XCk-rxg==
date: Thu, 19 Sep 2024 04:10:47 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 10 Sep 2024 07:59:11 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 35ms
33ms Script
text/javascript 2404:6800:4003:c05::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57784662-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::8a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
content-encoding: gzip
age: 2548
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 06:06:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
date: Thu, 19 Sep 2024 04:06:34 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
server: Golfe2
vary: Accept-Encoding

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 601 KB
67 KB 99ms
34ms XHR
application/json 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.newscon.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a1214ab20f3f1369383037c1f83a60fd3157e8d9ba7f24e13cca374bcc2ac38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"a7f09eed9294418320a7e492bdbb5ed0"
age: 23924
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: 5AHXIAumrIzDEF9tK92UO8w7kcpZ9nfFFJbt1SpGwNBFGcMCKmVRNw==
date: Wed, 18 Sep 2024 22:10:19 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 12 Sep 2024 23:59:20 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 33ms
32ms XHR
text/plain 74.125.200.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1340903334&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&ul=en-sg&de=UTF-8&dt=Get%20link%204share%2C%20get%20link%20fshare%2C%201fichier%2C%20rapidgator%2C%20katfile%20...%20premium%20link%20generator&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=924522342&gjid=916448412&cid=503464759.1726721342&tid=UA-57784662-9&_gid=1236398207.1726721343&_r=1&gtm=457e49h0za200&gcd=13l3l3l3l1l1&dma=0&tcfd=1000g&tag_exp=0&jsscut=1&z=2035649168

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.newscon.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
date: Thu, 19 Sep 2024 04:49:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 601 KB
0 0ms
0ms XHR
application/json 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.newscon.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a1214ab20f3f1369383037c1f83a60fd3157e8d9ba7f24e13cca374bcc2ac38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"a7f09eed9294418320a7e492bdbb5ed0"
age: 23924
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: 5AHXIAumrIzDEF9tK92UO8w7kcpZ9nfFFJbt1SpGwNBFGcMCKmVRNw==
date: Wed, 18 Sep 2024 22:10:19 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 12 Sep 2024 23:59:20 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 geoip Show response
cmp.inmobi.com/ 48 B
330 B 31ms
31ms XHR
application/json 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.newscon.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 16b7dfb1b5485e46b53e9b388e3baa11fe009ea91eb3071bc4af261950611e90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-expose-headers: *
via: 1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 48
x-amz-cf-id: K5LyW-41jXpRIuxrlvLNdK_L0PHosU2Ip4PQhYAr-B6_8kAop5G8bA==
date: Thu, 19 Sep 2024 04:49:02 GMT
content-type: application/json
x-amz-cf-pop: SIN2-P2
server: CloudFront

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 20 KB
5 KB 26ms
25ms XHR
application/json 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.newscon.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc7eff0d6c87d05b40da1a92e351883d527d9b01c86048e1a928c615e12c3025

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
etag: W/"882b1aa73e745edc4a069e617bd53000"
age: 6498
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: OKK9RGEh1B49-MXp2q6mg_VaWy1-TAzRkOgCBB2mYqWJQSMGoBx4jA==
date: Thu, 19 Sep 2024 03:00:45 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 03:00:42 GMT
cache-control: max-age=172800
via: 1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/54/ 426 KB
106 KB 21ms
20ms Script
text/javascript 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/54/cmp2ui-en.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.newscon.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fae2d533b169d904322d752cbf220a9329b7f454e8081f119a784c4a9d4ae74b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
etag: W/"cf3b901ccf6ab9efb61a4ff234947e96"
age: 116960
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: cCeAlyWPY13R4cGca5WXupjWulMd2ZbtbIoqPnQWmfQcUSBYevSX2g==
date: Wed, 18 Sep 2024 12:45:23 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 10 Sep 2024 07:58:57 GMT
cache-control: max-age=172800
cross-origin-resource-policy: cross-origin
via: 1.1 57441ee201b6bfb8ff8be48f8e002574.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 purposes-national-en.json Show response
cmp.inmobi.com/us-mspa/v1/ 9 KB
2 KB 40ms
39ms XHR
application/json 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/us-mspa/v1/purposes-national-en.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.newscon.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e879eb5127bfbcada0bf0daef26a48cf681dd8fc96e03042f189d0b07bcd8f78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"1ef88c3d5b4b75c52c64d09ed72ed244"
age: 546
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: Qpd19fMm3FsJdbN0g-7ZQr5Upqjcpba889wtMvpAjAweTdrif-8D1A==
date: Thu, 19 Sep 2024 04:39:58 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 29 May 2024 09:03:51 GMT
cache-control: max-age=900
access-control-allow-credentials: true
via: 1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 601 KB
0 0ms
0ms XHR
application/json 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.newscon.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a1214ab20f3f1369383037c1f83a60fd3157e8d9ba7f24e13cca374bcc2ac38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"a7f09eed9294418320a7e492bdbb5ed0"
age: 23924
access-control-allow-methods: GET
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
x-amz-cf-id: 5AHXIAumrIzDEF9tK92UO8w7kcpZ9nfFFJbt1SpGwNBFGcMCKmVRNw==
date: Wed, 18 Sep 2024 22:10:19 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 12 Sep 2024 23:59:20 GMT
cache-control: max-age=86400
access-control-allow-credentials: true
via: 1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 141 KB
34 KB 32ms
30ms XHR
application/json 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.newscon.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c42e72e932c1ab4e2d8ad405bcf43330fe279a7049376f9865cd2f24f8b83be5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-max-age: 86400
content-encoding: gzip
etag: W/"21f69bfd1ea394bbb7f8098caad919cb"
age: 6515
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: HF04pE6nqyVpGc9ptzqi9laCDfy945SI26qQhHTX9ZvsW0k8qSuftQ==
date: Thu, 19 Sep 2024 03:00:29 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 03:00:25 GMT
cache-control: max-age=172800
via: 1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 547ms
171ms XHR
text/plain 52.59.78.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%225Fctf_7A488Hn%22%2C%22domain%22%3A%22www.newscon.org%22%2C%22publisher%22%3A%22newscon.org%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.54%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222fGBlwWpa385NN4%2B2hJFSg%22%2C%22tagVersion%22%3A%22V3%22%2C%22gvlVersion%22%3A3%2C%22themeUuid%22%3A%227ef284a7-95ee-46c5-ab1d-53a80b077e2c%22%2C%22clientTimestamp%22%3A1726721343131%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-x4mgitt81nchoimt92b2%22%7D
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/54/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.59.78.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-78-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-allow-origin: *
content-length: 2
date: Thu, 19 Sep 2024 04:49:03 GMT
content-type: text/plain; charset=utf-8

GET
H2 200 geoip Show response
cmp.inmobi.com/ 48 B
330 B 29ms
29ms XHR
application/json 2600:9000:223b:800:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/54/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223b:800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 16b7dfb1b5485e46b53e9b388e3baa11fe009ea91eb3071bc4af261950611e90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer

Response headers

access-control-expose-headers: *
via: 1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: FunctionGeneratedResponse from cloudfront
content-length: 48
x-amz-cf-id: 2nWRLFEfibZgOlKcmG6I_pqvifgPMC-p27NO3jP33M3oaVGEeZ6Bmg==
date: Thu, 19 Sep 2024 04:49:03 GMT
content-type: application/json
x-amz-cf-pop: SIN2-P2
server: CloudFront

GET
H2 200 1 Show response
serving.stat-rock.com/v1/placements/F5aQI1N7FoIE/code/js/ 4 KB
1 KB 515ms
177ms XHR
application/json 144.76.128.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/v1/placements/F5aQI1N7FoIE/code/js/1?url=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&b=0.8535626879410616
Requested by: Host: serving.profitsence.com
URL: https://serving.profitsence.com/player/profitsence.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.128.227 Mainz, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap16.adplayer.pro
Software: nginx /
Resource Hash: a432a015f1cd9f6c3c73a8bca53a8d305e8af398e75b21370c024107a11c07a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Referer

Response headers

srvf: 144.76.128.227
cache-control: no-store, no-cache, must-revalidate
srvb: 127.0.0.1:8082
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://www.newscon.org
date: Thu, 19 Sep 2024 04:49:04 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx

GET
H2 200 pwa.png
www.newscon.org/static/img/ 15 KB
15 KB 9ms
8ms Other
image/png 51.79.250.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newscon.org/static/img/pwa.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.79.250.224 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-c0ef9e6e.vps.ovh.ca
Software: nginx /
Resource Hash: 7409660bc78140b7f76a54a661cd00889a25fe2d16002bfd66eeb76fd5422a48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.newscon.org/d3/

Response headers

cache-control: max-age=2592000, max-age=2629746, public
etag: "631d75e9-3a6c"
expires: Sat, 19 Oct 2024 04:49:04 GMT
accept-ranges: bytes
content-length: 14956
date: Thu, 19 Sep 2024 04:49:04 GMT
content-type: image/png
last-modified: Sun, 11 Sep 2022 05:45:13 GMT
server: nginx

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 422 KB
145 KB 11ms
6ms Script
text/javascript 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: serving.profitsence.com
URL: https://serving.profitsence.com/player/profitsence.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54324bcceff03dbc7a1482a4589a321dc190a1419ef190553b8351d7c7648716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 04:49:04 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147748
date: Thu, 19 Sep 2024 04:49:04 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H3 200 ProfitSence_Video_Player_Favicon.png
tags.profitsence.com/assets/images/ 4 KB
4 KB 57ms
57ms Image
image/png 172.67.170.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.profitsence.com/assets/images/ProfitSence_Video_Player_Favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5becb5d3cc04965964731286f783fc878476c2808f387982f6390b07172c05c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
etag: "f16-66364c3c-cfba5;;;"
age: 555224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2vX30%2FolvilFAsp4gStGYTKo%2Bgn8hzh2DzerzAJlixgPMtXz7h8W61br1h1d29%2Fhnq3KTBvaFh9knVMnk%2FhQSePo6A8nnONy49yJfaNjAOIQDNhDMD6MMyjaVfa2TYu6PGtiV3Ybg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 16 May 2024 05:39:25 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Sep 2024 04:49:05 GMT
content-type: image/png
last-modified: Sat, 04 May 2024 14:54:52 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c56f27649dc0510-HKG
accept-ranges: bytes
content-length: 3862
server: cloudflare

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
168 B 170ms
170ms Image
image/gif 144.76.128.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1726721344951.7183&type=INIT&placementId=F5aQI1N7FoIE&tagId=&message=&u=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&t=545&v=120&w=EBuDqZA_EQ-d&width=640&z=p%3Apl%3Bv%3AinPage%3B&r=0.7727594126531767
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.128.227 Mainz, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap16.adplayer.pro
Software: nginx /
Resource Hash: abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.newscon.org
Referer

Response headers

srvf: 144.76.128.227
access-control-allow-origin: https://www.newscon.org
srvb: 127.0.0.1:8082
content-length: 35
date: Thu, 19 Sep 2024 04:49:05 GMT
content-type: image/gif
server: nginx

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 911 B
220 B 13ms
13ms XHR
application/json 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.newscon.org%2Fd3%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

22a08b7892a5d6e15823916802363eccfe756df8be0cb2f7c910557c230bc518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 04:49:05 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 195
date: Thu, 19 Sep 2024 04:49:05 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 bridge3.667.0_en.html
imasdk.googleapis.com/js/core/ Frame 78F9 0
0 15ms
6ms Document
text/html 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 46828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 258070
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Sep 2024 15:48:37 GMT
expires: Thu, 18 Sep 2025 15:48:37 GMT
last-modified: Tue, 17 Sep 2024 16:42:00 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 46ms
12ms Script
text/javascript 2404:6800:4003:c0f::94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::94 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=900
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 04:49:05 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 16746
date: Thu, 19 Sep 2024 04:49:05 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
168 B 169ms
169ms Image
image/gif 144.76.128.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1726721344951.7183&type=OPPORTUNITY&placementId=F5aQI1N7FoIE&tagId=ZthGbHiGZ7yd&vtId=UjAfgyrDU2cr&message=&u=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&t=617&v=120&w=EBuDqZA_EQ-d&width=640&z=p%3Apl%3Bpt%3APRE%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.5490540935623061
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.128.227 Mainz, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap16.adplayer.pro
Software: nginx /
Resource Hash: abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.newscon.org
Referer

Response headers

srvf: 144.76.128.227
access-control-allow-origin: https://www.newscon.org
srvb: 127.0.0.1:8082
content-length: 35
date: Thu, 19 Sep 2024 04:49:05 GMT
content-type: image/gif
server: nginx

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F882 40 KB
14 KB 37ms
7ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 3220
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 04:55:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 03:55:25 GMT
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 13943
x-xss-protection: 0
server: sffe

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
168 B 168ms
168ms Image
image/gif 144.76.128.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1726721344951.7183&type=REQUEST&placementId=F5aQI1N7FoIE&tagId=ZthGbHiGZ7yd&vtId=UjAfgyrDU2cr&message=&u=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&t=636&v=120&w=EBuDqZA_EQ-d&width=640&z=p%3Apl%3Bpt%3APRE%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.974753930417404
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.128.227 Mainz, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap16.adplayer.pro
Software: nginx /
Resource Hash: abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.newscon.org
Referer

Response headers

srvf: 144.76.128.227
access-control-allow-origin: https://www.newscon.org
srvb: 127.0.0.1:8082
content-length: 35
date: Thu, 19 Sep 2024 04:49:05 GMT
content-type: image/gif
server: nginx

GET
H2 200 bridge3.667.0_en.html
imasdk.googleapis.com/js/core/ Frame 7C77 0
0 0ms
0ms Document
text/html 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 46828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 258070
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Sep 2024 15:48:37 GMT
expires: Thu, 18 Sep 2025 15:48:37 GMT
last-modified: Tue, 17 Sep 2024 16:42:00 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
168 B 170ms
169ms Image
image/gif 144.76.128.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1726721344951.7183&type=OPPORTUNITY&placementId=F5aQI1N7FoIE&tagId=mB7VqtPlmYTI&vtId=zTj1i1eozPDJ&message=&u=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&t=1709&v=120&w=EBuDqZA_EQ-d&width=640&z=p%3Apl%3Bpt%3APRE%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.46221461007724374
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.128.227 Mainz, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap16.adplayer.pro
Software: nginx /
Resource Hash: abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.newscon.org
Referer

Response headers

srvf: 144.76.128.227
access-control-allow-origin: https://www.newscon.org
srvb: 127.0.0.1:8082
content-length: 35
date: Thu, 19 Sep 2024 04:49:06 GMT
content-type: image/gif
server: nginx

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 51E5 40 KB
0 37ms
7ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 3220
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 04:55:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 03:55:25 GMT
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 13943
x-xss-protection: 0
server: sffe

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
168 B 169ms
168ms Image
image/gif 144.76.128.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1726721344951.7183&type=REQUEST&placementId=F5aQI1N7FoIE&tagId=mB7VqtPlmYTI&vtId=zTj1i1eozPDJ&message=&u=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&t=1721&v=120&w=EBuDqZA_EQ-d&width=640&z=p%3Apl%3Bpt%3APRE%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.251698826041713
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.128.227 Mainz, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap16.adplayer.pro
Software: nginx /
Resource Hash: abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.newscon.org
Referer

Response headers

srvf: 144.76.128.227
access-control-allow-origin: https://www.newscon.org
srvb: 127.0.0.1:8082
content-length: 35
date: Thu, 19 Sep 2024 04:49:06 GMT
content-type: image/gif
server: nginx

GET
H2 200 bridge3.667.0_en.html
imasdk.googleapis.com/js/core/ Frame 6885 0
0 0ms
0ms Document
text/html 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.667.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 46828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 258070
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Sep 2024 15:48:37 GMT
expires: Thu, 18 Sep 2025 15:48:37 GMT
last-modified: Tue, 17 Sep 2024 16:42:00 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
168 B 173ms
171ms Image
image/gif 144.76.128.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1726721344951.7183&type=OPPORTUNITY&placementId=F5aQI1N7FoIE&tagId=hcnNfQHihE4H&vtId=Fd1UbsvTFM2N&message=&u=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&t=2477&v=120&w=EBuDqZA_EQ-d&width=640&z=p%3Apl%3Bpt%3APRE%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.3055004715341785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.128.227 Mainz, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap16.adplayer.pro
Software: nginx /
Resource Hash: abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.newscon.org
Referer

Response headers

srvf: 144.76.128.227
access-control-allow-origin: https://www.newscon.org
srvb: 127.0.0.1:8082
content-length: 35
date: Thu, 19 Sep 2024 04:49:06 GMT
content-type: image/gif
server: nginx

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F7F0 40 KB
0 1ms
1ms Script
text/javascript 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 3220
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 04:55:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 03:55:25 GMT
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 13943
x-xss-protection: 0
server: sffe

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
168 B 171ms
170ms Image
image/gif 144.76.128.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1726721344951.7183&type=REQUEST&placementId=F5aQI1N7FoIE&tagId=hcnNfQHihE4H&vtId=Fd1UbsvTFM2N&message=&u=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&t=2490&v=120&w=EBuDqZA_EQ-d&width=640&z=p%3Apl%3Bpt%3APRE%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.9009081014550826
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.128.227 Mainz, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap16.adplayer.pro
Software: nginx /
Resource Hash: abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.newscon.org
Referer

Response headers

srvf: 144.76.128.227
access-control-allow-origin: https://www.newscon.org
srvb: 127.0.0.1:8082
content-length: 35
date: Thu, 19 Sep 2024 04:49:07 GMT
content-type: image/gif
server: nginx

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 30ms
30ms Fetch
text/plain 74.125.200.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-067DPYH9L6&gtm=45je49h0v874882467za200&_p=1726721341815&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=503464759.1726721342&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1726721342&sct=1&seg=0&dl=https%3A%2F%2Fwww.newscon.org%2Fd3%2F&dt=Get%20link%204share%2C%20get%20link%20fshare%2C%201fichier%2C%20rapidgator%2C%20katfile%20...%20premium%20link%20generator&en=scroll&epn.percent_scrolled=90&_et=8&tfd=5677
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-067DPYH9L6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.newscon.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 04:49:07 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newscon.org/d3	1969-12-31 23:59:59	Name: testcookie Value: 1
www.newscon.org/	1970-01-21 09:14:41	Name: django_language Value: en
www.newscon.org/	1970-01-20 23:58:50	Name: sessionid Value: eyJfbGFuZ3VhZ2UiOiJlbiJ9:1sr96D:TGFheI4d-wIgUxJKJtdOUy18YpQ1qwx67M8dqDjgmPI
.newscon.org/	1970-01-21 09:14:41	Name: _ga_067DPYH9L6 Value: GS1.1.1726721342.1.0.1726721342.0.0.0
.newscon.org/	1970-01-21 09:14:41	Name: _ga Value: GA1.2.503464759.1726721342
.newscon.org/	1970-01-20 23:40:07	Name: _gid Value: GA1.2.1236398207.1726721343
.newscon.org/	1970-01-20 23:38:41	Name: _gat_gtag_UA_57784662_9 Value: 1
.www.newscon.org/	1970-01-21 09:00:17	Name: usprivacy Value: 1---

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.cmp.inmobi.com
cdnjs.cloudflare.com
cmp.inmobi.com
imasdk.googleapis.com
newscon.net
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
serving.profitsence.com
serving.stat-rock.com
tags.profitsence.com
unpkg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.newscon.org
142.251.175.156
144.76.128.227
172.67.170.41
2404:6800:4003:c00::61
2404:6800:4003:c01::5f
2404:6800:4003:c03::5e
2404:6800:4003:c05::8a
2404:6800:4003:c0f::94
2600:9000:223b:800:1b:cadc:ef40:93a1
2606:4700:3033::ac43:aa29
2606:4700::6811:180e
2606:4700::6811:f6cb
51.79.250.224
52.59.78.184
74.125.200.102
74.125.200.105
74.125.200.154
74.125.200.99
95.217.58.251
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0968837a337df2748ab54477ea6203a095da6b9c51cd4c33694d8cc0df38faa5
16b7dfb1b5485e46b53e9b388e3baa11fe009ea91eb3071bc4af261950611e90
1a1214ab20f3f1369383037c1f83a60fd3157e8d9ba7f24e13cca374bcc2ac38
22a08b7892a5d6e15823916802363eccfe756df8be0cb2f7c910557c230bc518
23c7ce5c8fe7a91ccaa3d15a800ad5186faf19d7ee61e43948fdc9767c0742c8
3afdccf9f0dd4c0a891584211e9006905551d8cb90c0c64663cee7a3c2feb797
3c8cb49f3e2f94dc2521361a4d7b5d6156ed611ba25da3e67921ee5f907b1ef8
4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3
54324bcceff03dbc7a1482a4589a321dc190a1419ef190553b8351d7c7648716
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5becb5d3cc04965964731286f783fc878476c2808f387982f6390b07172c05c3
60f89923f5d8de745bd47a363d1d5dbd7cd0924192f8ec30bf65cee2f575ebc6
6526af87d06c443d8c396322e77d1789ab7fea474b7ca35183a5ea13b4b5c4ff
6b2fbcf56b81553fd91d8ababd2313424528482d89594d7b541708878c9c7684
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7409660bc78140b7f76a54a661cd00889a25fe2d16002bfd66eeb76fd5422a48
7c9e9d369b235905c32e3ae399f4499cc30e60a1180be631d548ca2f98099ac1
94d49d382861a206a7c2c07456a6ba7fdba3c6ff22f8fbb23e90c72ffa0acb43
a2db6f5816e22bc5c271d00a5f39c5bed544219fa9ec6620e9028704c58799a1
a432a015f1cd9f6c3c73a8bca53a8d305e8af398e75b21370c024107a11c07a9
a5967fdaf1d23974f34a00ea435e9617381f65d4e6b98a1109631a1851d26776
a6187f739d9614daece8600e68f18b4aef7008db7f172339ae903ea0cae7221c
abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69
b3321646b267b08b6cf88cc952315c4e04e1f5b5275f31f7f195fbf203da8428
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b961d9ad6b6aae8d1def1387fc5b53d2ebaa6f262e8d9fabcd512299dfc68eee
bc7eff0d6c87d05b40da1a92e351883d527d9b01c86048e1a928c615e12c3025
bfd10978f925c773ed67664c1f0b0b243ed99abf55187b9c961f9f89529c2adb
c42e72e932c1ab4e2d8ad405bcf43330fe279a7049376f9865cd2f24f8b83be5
c74835aa9ce7202c93e6ec8d3de6d700c93968d78ee1aec606f3e46d2dcc9895
cf852c4319bc0c0fd4cac6a3b4ba61bc80c4cef8a8a646e238d15a9b08899976
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d397112399ea2c51ae330174a2db972adc0b2a8edd90f9bff7f249ce0f0bbe99
d8090ca250ec22513c900d02355211826e6614674839a19e8401935fc2b30402
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d8fefb6ef3eb57a87850a6890b72010d3a2b39c0f1e02160f993c392ebd6414a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfdc8b42a711c151b1ec53aeb71a0dc609833d1225c07bf9cc88bd29c201b6c9
dff4fa840b02caf2b7d59fdce38a1658db0682f41e315ac1100871a09b95014b
e879eb5127bfbcada0bf0daef26a48cf681dd8fc96e03042f189d0b07bcd8f78
fae2d533b169d904322d752cbf220a9329b7f454e8081f119a784c4a9d4ae74b

www.newscon.org Open in urlscan Pro 51.79.250.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

47 %IPv6

15 Domains

18 Subdomains

20 IPs

4 Countries

1351 kBTransfer

6182 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newscon.org Open in urlscan Pro
51.79.250.224 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

47 %
IPv6

15
Domains

18
Subdomains

20
IPs

4
Countries

1351 kB
Transfer

6182 kB
Size

8
Cookies

59 HTTP transactions
1 data transactions