urlscan.io logo urlscan.io
SecurityTrails logo

newsy.npa-ar.com Open in urlscan Pro
2606:4700:3036::ac43:a438  Public Scan

Go To Rescan Add Verdict Report
URL: https://newsy.npa-ar.com/
Submission: On December 12 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 1 countries across 14 domains to perform 127 HTTP transactions. The main IP is 2606:4700:3036::ac43:a438, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsy.npa-ar.com.
TLS certificate: Issued by E1 on November 1st 2023. Valid for: 3 months.
This is the only time newsy.npa-ar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

23    2606:4700:3036::ac43:a438 (United States)

ASN13335 (CLOUDFLARENET, US)
newsy.npa-ar.com
news.npa-ar.com
5    2606:4700:3031::6815:fcd (United States)

ASN13335 (CLOUDFLARENET, US)
new.npa-ar.com
www.npa-ar.com
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
15    2607:f8b0:4004:c1f::9c (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4004:c1f::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
11    2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4004:c1b::8a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
14    2607:f8b0:4004:c1d::8a (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
22    2607:f8b0:4004:c09::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4004:c1b::93 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    35.236.111.14 (Los Angeles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 14.111.236.35.bc.googleusercontent.com
rtb.ads.us-west.travelaudience.com
2    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
www.googleadservices.com
1    35.244.170.237 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 237.170.244.35.bc.googleusercontent.com
static.travelaudience.com
7    184.31.62.25 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-62-25.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    129.80.52.16 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
6    184.31.50.25 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-50-25.deploy.static.akamaitechnologies.com
travel198849194933.s.moatpixel.com
Apex Domain
Subdomains		 Transfer
37 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
538 KB
28 npa-ar.com
newsy.npa-ar.com
new.npa-ar.com
www.npa-ar.com
news.npa-ar.com
470 KB
16 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
www.google.com — Cisco Umbrella Rank: 2
72 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
125 KB
8 moatads.com
z.moatads.com — Cisco Umbrella Rank: 653
mb.moatads.com — Cisco Umbrella Rank: 766
px.moatads.com — Cisco Umbrella Rank: 594
115 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
79 KB
6 moatpixel.com
travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 41895
1 KB
5 travelaudience.com
rtb.ads.us-west.travelaudience.com — Cisco Umbrella Rank: 81318
static.travelaudience.com — Cisco Umbrella Rank: 49747
330 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
257 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
195 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
255 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
91 KB
127 14
Domain Requested by
22 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
newsy.npa-ar.com
22 newsy.npa-ar.com 4 redirects newsy.npa-ar.com
15 pagead2.googlesyndication.com newsy.npa-ar.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 travel198849194933.s.moatpixel.com
6 px.moatads.com rtb.ads.us-west.travelaudience.com
5 www.gstatic.com googleads.g.doubleclick.net
4 www.googleadservices.com
4 rtb.ads.us-west.travelaudience.com newsy.npa-ar.com
rtb.ads.us-west.travelaudience.com
4 www.googletagservices.com googleads.g.doubleclick.net
newsy.npa-ar.com
4 cdnjs.cloudflare.com newsy.npa-ar.com
cdnjs.cloudflare.com
4 new.npa-ar.com newsy.npa-ar.com
3 fonts.googleapis.com googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.com 1 redirects tpc.googlesyndication.com
1 mb.moatads.com z.moatads.com
1 z.moatads.com rtb.ads.us-west.travelaudience.com
1 static.travelaudience.com rtb.ads.us-west.travelaudience.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com newsy.npa-ar.com
1 news.npa-ar.com 1 redirects
1 www.npa-ar.com 1 redirects
127 23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
news.google.com
www.npa-ar.com
Subject Issuer Validity Valid
npa-ar.com
E1		 2023-11-01 -
2024-01-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
rtb.ads.us-west.travelaudience.com
R3		 2023-12-11 -
2024-03-10		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
static.travelaudience.com
R3		 2023-12-05 -
2024-03-04		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh

This page contains 16 frames:

Primary Page: https://newsy.npa-ar.com/
Frame ID: EA9C982658A5A196B395CBA584A7F50A
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 6EFE9984B95A54F5CE8F475875126F4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4707420366058674&output=html&adk=1812271804&adf=3025194257&lmt=1702396436&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fnewsy.npa-ar.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702396436144&bpp=8&bdt=151&idt=131&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6202241435946&frm=20&pv=2&ga_vid=408590160.1702396436&ga_sid=1702396436&ga_hid=1746679130&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079920%2C31079922%2C44795921%2C95320884&oid=2&pvsid=1953804348250934&tmod=1148868593&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=164
Frame ID: 8903E7188319210EE60768F9A062C013
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E9F18146D02F168AE9E151BA07BB1E4E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 489EC6AEF139AA36B9F360E2ADAC5B1F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FD4B430722292D77F5177AE21D37EF8E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F94150B07D0804E9B35D382275A8062B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 58DF0A7A97F749BE632AF2E06D393D57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: CC3D2EAE925DB0A6F4A6EBE5968DAE51
Requests: 15 HTTP requests in this frame

Frame: https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
Frame ID: 94F95660CCAB3F0FED0152FD55D6A53B
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: C139E055CA89A20C2A1B7DD4B4998D16
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D02B256E74785BFAF1829D8C6787875C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0A8AF06DC1D1D929A9E18157FA4FC2D5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: A7349C526EA74E4EB1DFE4DD32A58E50
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: B664A6F333F51F1D789F311BB949608F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 19A56F4E9C5385537710E34D2A34AE21
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

نبأ العرب

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

127
Requests

94 %
HTTPS

70 %
IPv6

14
Domains

23
Subdomains

21
IPs

1
Countries

2271 kB
Transfer

5396 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://newsy.npa-ar.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.4.2 HTTP 301
  • https://new.npa-ar.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.4.2
Request Chain 2
  • https://newsy.npa-ar.com/wp-content/themes/boxnews/assets/css/bootstrap.rtl.min.css HTTP 301
  • https://new.npa-ar.com/wp-content/themes/boxnews/assets/css/bootstrap.rtl.min.css
Request Chain 6
  • https://www.npa-ar.com/wp-content/uploads/2022/08/%D9%86%D8%A8%D8%A3-%D8%A7%D9%84%D8%B9%D8%B1%D8%A8.png HTTP 301
  • https://news.npa-ar.com/wp-content/uploads/2022/08/%d9%86%d8%a8%d8%a3-%d8%a7%d9%84%d8%b9%d8%b1%d8%a8.png HTTP 301
  • https://newsy.npa-ar.com/wp-content/uploads/2022/08/%d9%86%d8%a8%d8%a3-%d8%a7%d9%84%d8%b9%d8%b1%d8%a8.png
Request Chain 8
  • https://newsy.npa-ar.com/wp-content/themes/boxnews/assets/js/style.js?ver=26.00 HTTP 301
  • https://new.npa-ar.com/wp-content/themes/boxnews/assets/js/style.js?ver=26.00
Request Chain 9
  • https://newsy.npa-ar.com/wp-content/themes/boxnews/assets/js/infinite-scroll.pkgd.min.js?ver=26.00 HTTP 301
  • https://new.npa-ar.com/wp-content/themes/boxnews/assets/js/infinite-scroll.pkgd.min.js?ver=26.00
Request Chain 84
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Ccjr8FIJ4Za7CF9j7kPIPu9Gr6AHk4vehdJmm_NKPEtzZHhABIKu8s0Bgycapi8Ck2A-gAaLqwp4ByAEBqAMByAPLBKoEggJP0H33EeBjSBpTF7xn_tl_53WcPAUv6izmtztx3_QCqNle6SuxDshPLO7HBGxN79BdKC5EqWS_KC6oPTQOV-3BY4-pXC4lwEzDwO9xWABioPVKPRRHY6QxAfeltX0nXRcRV9flbd8zb1yP_d56er-CNA6tz6H5TfpDWw0uOLHvU213OnbVcysmzOhImw6V6KFj5nthxX6-NrkSktFgvNZ7lG6h37tfZtBmXjgawFNH-g6TPD9gORbzZ5S3apfqU6-Cuh_eTB8iua1Mt1VRPVEisODC1SgLwesn7C4kf7kCT7MBWlJ58pKfEJuF1RFIfxeh9vJd6MZATc5oCLCuuU02TpjABKa5w5PHBIgFv7zxtU2SBQQIBBgBkgUECAUYBKAGAoAHxpW94QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDf8QzSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WIT-6_agioMDmgkcaHR0cHM6Ly93d3cucHZpLmNvbS9wcm9kdWN0c4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLaDBEKCxDw3dGQoo728ekBEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi00NzA3NDIwMzY2MDU4Njc0GACyGAMiAQA&sigh=MiLA80gkNg8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN7b3VLm8eggc7o3XYCQmt8bYN3lmXXUIXMfmrmyxIWqaekk_fvwNImtICnwareX9Q_4VzImOnXvOaINIsn7tzqh_OW-BIrj7kz6IYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3c45cface7229ecf0000000000000000%22,%222%22:%220xd9d600b20b4ff6150000000000000000%22,%223%22:%220x16ef5faa278c9ad80000000000000000%22,%224%22:%220x112bf0feebf85c0e0000000000000000%22,%225%22:%220xb93670853fa2a6470000000000000000%22},%22debug_key%22:%22486518231132893315%22,%22debug_reporting%22:true,%22destination%22:%22https://pvi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22332444962%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216972714713101226433%22}&andc=true
Request Chain 87
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CKa2dFIJ4ZbDCF9j7kPIPu9Gr6AHy05jJdM_C17f_EePq74OjPxABIKu8s0Bgycapi8Ck2A-gAcLpl5YDyAEJqAMByAPLBKoE-wFP0KYU8W6TeBdVPVtrOiOk4qqAr3pW0vrGh2YugmfWTQPNulHYsl4oMHOqytDrTKNl4JXW50PIZSv5HaUN80kJPo4Dyr4VCogFEgvecpkFAeX2xnD7cuD9iKa4_I3mwLbOol4398BV0exjmwwYjXobEyf0V_AaTwJBmo9ig6Xj_wumyvygBE7bPZ8D0hgbihKhlwtOb9T8AG5LKMNAzEFis4fwwfSVElynbcPKY9MIs6AmM7bow1iyaiF2-KlPBuU5aFqZIGez-2WPari3hpjPoSpIM27M45F1dKnKJP0zQgbrRL9gSBA8DDhJCpV0W70zj5LFzD8F3WZ0cMAE8c_SzbsEiAXOgOOHTKAGLoAHppboaagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENbbatIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYhP7r9qCKgwOaCRpodHRwOi8vV2VnbWFucy5jb20vaG9saWRheYAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLaDBEKCxDQna7Bgezkh6YBEgIBA7gT5APYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNDcwNzQyMDM2NjA1ODY3NBgAshgDIgEA&sigh=61iImJrqXFw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN7b3VLm8eggc7o3XYCQmt8bYN3lmXXUIXMfmrmyxIWqaekk_fvwNImtICnwareX9Q_4VzImOnXvOaINIsn7tzqh_OW-BIrj7kz6IYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd3b9c9f781fb3e6f0000000000000000%22,%222%22:%220x51306adfd4bd499e0000000000000000%22,%223%22:%220xfe072dfb03d6ae740000000000000000%22,%224%22:%220x578839e68cb152d30000000000000000%22,%225%22:%220xccc43a47bf97efbf0000000000000000%22},%22debug_key%22:%226148260928956673457%22,%22debug_reporting%22:true,%22destination%22:%22https://wegmans.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22851834050%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225585906457133109249%22}&andc=true
Request Chain 94
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

127 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsy.npa-ar.com/ 		46 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14ac42c67e9c07d1bad8bea9bab6232b82686aaf15c253a6a85c455ef8a4e1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
834724943d788c57-EWR
Cache-Control
max-age=0
Cf-Railgun
direct (starting new WAN connection)
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 15:53:55 GMT
Expires
Tue, 12 Dec 2023 15:53:54 GMT
Link
<https://newsy.npa-ar.com/wp-json/>; rel="https://api.w.org/"
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zglgRfd4IxjuX5qnxVV9FdSyeerDOsPkLC0r7mC79Od4wrmOKyqoqdKgNYU3Py2kWKjqLezbLmQ%2FHEnf9ObZaIPlreWHDz3IeFTUHbQpZ2KHgL9gP611ifcQxebDkdH9n3UA%2F8GnfUde5PX%2BkQzN"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Nginx-Upstream-Cache-Status
MISS
X-Server-Powered-By
Engintron
X-Xss-Protection
1; mode=block
style-rtl.min.css
new.npa-ar.com/wp-includes/css/dist/block-library/
Redirect Chain
  • https://newsy.npa-ar.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.4.2
  • https://new.npa-ar.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.4.2
107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://new.npa-ar.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.4.2
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:fcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
195e8477d09f2cb72a658301e339cc931b55ad134ed59d65f1ad7fea9aa0520e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Thu, 16 Nov 2023 15:28:09 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54%2FvA9LIVwGd6cBwVKxMU3qboT3AWQOaj9aanThDrfo4rp8lwwFwB%2BjWrY5kbpdVyMAuDFjGvvkGM%2FXGJ5YmSPDvcEbSYSvwd19kBxVDhcVS0xCRkQc8qfb4rfscx36KE4%2BoOmNwMtdabbyzVg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000
CF-RAY
8347249defd972a7-EWR
expires
Fri, 05 Jan 2024 17:55:28 GMT

Redirect headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhxVNque5dugVFHo2cEESrlE72ECiq1Ue1nftpvhSNTMhehkz%2Bss64W1KyVSEEjoR5p8AKBc92JeuSulYL5NIj3lPDc%2BjQd5RLkQJCwCZ1Ves2x%2FDCUdZdCRrO%2BWNOQBkQGOdHS8WR4oVCsb50QT"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=iso-8859-1
location
https://new.npa-ar.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.4.2
Cache-Control
max-age=31536000
CF-RAY
8347249d0f5c8c57-EWR
expires
Sun, 07 Jan 2024 13:47:59 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
339839
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10491
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tsn57k7XoFsxSaAAvJVUsuTMuZevjx6%2F%2BA%2FYiRRKK9MRM5WNRbGPeGTR90Tl2EI2lEjolAdN71BaELT7I9mb6BYPADloWHzZ6KjPPidpYmls3vNfF9VaNIUYceTgWvbeGUGu84myFQEGWr%2Fe4xWQtAUz"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8347249d2e501821-EWR
expires
Sun, 01 Dec 2024 15:53:56 GMT
bootstrap.rtl.min.css
new.npa-ar.com/wp-content/themes/boxnews/assets/css/
Redirect Chain
  • https://newsy.npa-ar.com/wp-content/themes/boxnews/assets/css/bootstrap.rtl.min.css
  • https://new.npa-ar.com/wp-content/themes/boxnews/assets/css/bootstrap.rtl.min.css
150 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://new.npa-ar.com/wp-content/themes/boxnews/assets/css/bootstrap.rtl.min.css
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:fcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b023b1d27287f33aa24ac8f77d5d5f2ca9688eba142a9656927bbd778894614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Wed, 16 Nov 2022 13:12:54 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHr1qxHW0VfYOWpKzQ40wViq8Ik6GRuigpqTZdfiBS9G4Qi90KBIuux12KIfn45csluZeAXLzGDgjJmvIF7RKrkUQy5M26IBX2vv%2F%2B4xPEE72qzgay%2FeF%2BFMCUvvnmbo%2F12Lhg%2B5BQeUF2SbJA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000
CF-RAY
8347249e3dfa41e1-EWR
expires
Sat, 16 Dec 2023 16:36:06 GMT

Redirect headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XDilavfFPwvo5%2F33lcuSt8UucD5kKLQic3GL%2B2hDn9X3asuj2mUd%2F%2B51FdCOCF882HUbe9z1mBO8lpgWmeiLFM1zX5%2F1F6EaAxsHpOnQSCPFtB960mtOzRxUtB6faMhOv06IT4Q%2FDFdezNrbEa0"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=iso-8859-1
location
https://new.npa-ar.com/wp-content/themes/boxnews/assets/css/bootstrap.rtl.min.css
Cache-Control
max-age=31536000
CF-RAY
8347249d2a82438e-EWR
expires
Sun, 07 Jan 2024 13:48:00 GMT
style.css
newsy.npa-ar.com/wp-content/themes/boxnews/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsy.npa-ar.com/wp-content/themes/boxnews/style.css?ver=26.00
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfe350c0f72aeed783d9eeff37ca9b36391334324ef62397b6e1bebaf324e530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
Cf-Polished
origSize=38497
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
Cf-Bgj
minify
last-modified
Wed, 16 Nov 2022 13:12:54 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nl2Appo0%2Bmw0e%2FvP8%2FzBHmL7J%2BTxLOd2h8RSN%2FHI6SZtjmE6voNSgkrjKxlEpCaRjg9uXw%2B0GEMbeXJmvl52rjcOQ%2BS3k1cJIODajYicUqgIL0ix4%2F36vFDg0eAnXJJHaKi2niamEaqF7tG0qTdR"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=31536000
CF-RAY
8347249d2eb142a9-EWR
expires
Sun, 07 Jan 2024 19:34:21 GMT
Greta_Arabic_Regular.otf
newsy.npa-ar.com/wp-content/themes/boxnews/assets/fonts/ 		376 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsy.npa-ar.com/wp-content/themes/boxnews/assets/fonts/Greta_Arabic_Regular.otf
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d791ce5dac426e6f09e019b704a5bb8d7bba3da761c1a54d9c506760682ddc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsy.npa-ar.com/
Origin
https://newsy.npa-ar.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Wed, 16 Nov 2022 13:12:54 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JWHfCQgds%2BFP8D7lQlqbXjsoXwWG%2FVWaznw5PtSyp2yLA1tvuSg3itn1fAKXMVX8FBRI0qsC6k7g4snpQDcFr2FcW3lrWrwtFPNPOLyX6pOrluN5qfaqavDqrVLsiAxhCNj%2B%2FZRZYaa9C0LJYQ9"}],"group":"cf-nel","max_age":604800}
Content-Type
font/otf
access-control-allow-origin
*
Cache-Control
max-age=31536000
CF-RAY
8347249d2c5e41a3-EWR
expires
Wed, 07 Feb 2024 13:36:48 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1d0262922fb2d07d631a1ffd02f42c0a093a2f41ab4d28de0e236fb50907f57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51685
x-xss-protection
0
server
cafe
etag
720302948892244501
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 15:53:56 GMT
%d9%86%d8%a8%d8%a3-%d8%a7%d9%84%d8%b9%d8%b1%d8%a8.png
newsy.npa-ar.com/wp-content/uploads/2022/08/
Redirect Chain
  • https://www.npa-ar.com/wp-content/uploads/2022/08/%D9%86%D8%A8%D8%A3-%D8%A7%D9%84%D8%B9%D8%B1%D8%A8.png
  • https://news.npa-ar.com/wp-content/uploads/2022/08/%d9%86%d8%a8%d8%a3-%d8%a7%d9%84%d8%b9%d8%b1%d8%a8.png
  • https://newsy.npa-ar.com/wp-content/uploads/2022/08/%d9%86%d8%a8%d8%a3-%d8%a7%d9%84%d8%b9%d8%b1%d8%a8.png
28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2022/08/%d9%86%d8%a8%d8%a3-%d8%a7%d9%84%d8%b9%d8%b1%d8%a8.png
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad191f0a21aa3e894ee65aeca70ff5340dbdef5873e3d17866d3e4132702ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
28923
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Fri, 04 Nov 2022 21:31:39 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5RsQk8Grzenfsdyrlznib8DgiudI8LZihdxEwZ8OwdcbbxmmSpK3zJ8tip3cDJz3G4sgBcGBR%2FNQV3ggpFJq1yO%2Bru%2Fxl0dTFwN9HSxkKgX8G%2FqGz3lJGi5uLumLqvvQ1sVV%2FuVsneIf05MTrp3"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249f6a7a8c57-EWR
expires
Tue, 06 Feb 2024 19:49:17 GMT

Redirect headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOqoo7FXxDbLLVUjNAotC6D7GL0fk%2FQzD15NBDACbsqqzeW0UEAlPatixgjePRCuqQ6hpY36SkjX0IExm0gko%2BL6tb5gT7K8lH3wEHEo%2BVDCHEa5LHV9P3fFztWy9yXnge3Z%2FONVtjO2KV%2BXrP0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=iso-8859-1
location
https://newsy.npa-ar.com/wp-content/uploads/2022/08/%d9%86%d8%a8%d8%a3-%d8%a7%d9%84%d8%b9%d8%b1%d8%a8.png
Cache-Control
max-age=31536000
CF-RAY
8347249e9ca732fa-EWR
expires
Wed, 07 Feb 2024 13:22:44 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1049507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUUYRZMUZRr2o%2B%2Bl6jVraB7SGTVdeLBDfqkEBBda4J5EGcEw5uOLqlNAVOBmWWwyvJ2j0nYjtVgcjHqrRcad%2FxvRPMLMN5n5yFF96r7Zqnfzhfgeu6bJWDHq9Enm%2F9wcU84Z2oa3GPURG7eEZ8HEfN7S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8347249d2e521821-EWR
expires
Sun, 01 Dec 2024 15:53:56 GMT
style.js
new.npa-ar.com/wp-content/themes/boxnews/assets/js/
Redirect Chain
  • https://newsy.npa-ar.com/wp-content/themes/boxnews/assets/js/style.js?ver=26.00
  • https://new.npa-ar.com/wp-content/themes/boxnews/assets/js/style.js?ver=26.00
6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://new.npa-ar.com/wp-content/themes/boxnews/assets/js/style.js?ver=26.00
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:fcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3796a6aa057eb4a0aaa1de935cc95b1250f8eaa4f790e9c5896a60d29b60394b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
Cf-Polished
origSize=7115
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
Cf-Bgj
minify
last-modified
Wed, 16 Nov 2022 13:12:54 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDpJHxZpMt%2F2GrR8KJOuiX9zqWcyhPGD%2FuvOa85QCXVCi0703HiAcGQIm3JBVguOx6rfhJCLWPWs6DzU6A%2BxqlXaZuPbnC9xe2MxN3jr2ab1zKH7FqEMaT%2FMStJio0pOtFYQ0sfOpfpxAWeZtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
CF-RAY
8347249def0541bb-EWR
expires
Sun, 31 Dec 2023 11:44:48 GMT

Redirect headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
186556
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aQ811TKVI7cEF0uXo%2FuZyBfFNfmRzcN14t7%2FDaSfvdRj%2Bp1oC0fo2vSGEB2VLr7LEoRs4kew8%2FO4UPDhnV6fet%2BPg%2BEGvHechZBj3qqODzuAnH1TXNkiEYptpImWIzYYVrG7fA1uEraGS2wNlWO"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=iso-8859-1
location
https://new.npa-ar.com/wp-content/themes/boxnews/assets/js/style.js?ver=26.00
Cache-Control
max-age=31536000
CF-RAY
8347249d4f9d4340-EWR
expires
Sun, 07 Jan 2024 13:47:58 GMT
infinite-scroll.pkgd.min.js
new.npa-ar.com/wp-content/themes/boxnews/assets/js/
Redirect Chain
  • https://newsy.npa-ar.com/wp-content/themes/boxnews/assets/js/infinite-scroll.pkgd.min.js?ver=26.00
  • https://new.npa-ar.com/wp-content/themes/boxnews/assets/js/infinite-scroll.pkgd.min.js?ver=26.00
22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://new.npa-ar.com/wp-content/themes/boxnews/assets/js/infinite-scroll.pkgd.min.js?ver=26.00
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:fcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c9e9d369b235905c32e3ae399f4499cc30e60a1180be631d548ca2f98099ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Wed, 16 Nov 2022 13:12:54 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iW2qU4YY%2Fl8%2BhSW%2FZsl5pRXk4U4ZnbPX%2BqV5Xrmg2uqIMrsyndkK5clBEdwG30l0x6Tm98k3XH64gAR46NZRy2PXHZOd%2F2mFfQgGrRdDMdFwnwTSbDc7EQYUbXmO9qyDCCS9zSNS9TpV0qAJwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
CF-RAY
8347249e4b5015d7-EWR
expires
Sat, 16 Dec 2023 16:36:06 GMT

Redirect headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxWqZJUkwfsNjWTLjb82QnJaawZkRCHddYM8t6U0ViweiwGMSaTUCwBCadcY6KqorifoqspcOMmeoF%2FUo291EhfZrD8nzA8cmdhnt3Tj6jeul01JJYyYMS%2Fo%2BcwJ9zmkaoKa%2FsD5aoJVqWYvYVzf"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=iso-8859-1
location
https://new.npa-ar.com/wp-content/themes/boxnews/assets/js/infinite-scroll.pkgd.min.js?ver=26.00
Cache-Control
max-age=31536000
CF-RAY
8347249d49e141b4-EWR
expires
Sun, 07 Jan 2024 13:47:57 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SZQR7EM7CF
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e77ee76ea58ba3a2a994eb5a48ce35efed6b6ba0f722b0f307ac44136e90ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92957
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 15:53:56 GMT
3db1b81e-d9b3-4307-b43f-e78fd4e03dbd
https://newsy.npa-ar.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://newsy.npa-ar.com/3db1b81e-d9b3-4307-b43f-e78fd4e03dbd
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a90312fefe9f75b6b8556c7890d4abe9908d92efdf75af65d1a192d19ecc879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137679
x-xss-protection
0
server
cafe
etag
12377527535816188630
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 15:53:56 GMT
%D9%82%D9%86%D8%A7%D8%A9-%D8%B7%D9%8A%D9%88%D8%B1-%D8%A7%D9%84%D8%AC%D9%86%D8%A9-800x500.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D9%82%D9%86%D8%A7%D8%A9-%D8%B7%D9%8A%D9%88%D8%B1-%D8%A7%D9%84%D8%AC%D9%86%D8%A9-800x500.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23af37c238db1f35002c67ffb4ed1cab7a208eb1fea456867fa5a397dffa3b3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
69146
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sat, 09 Dec 2023 11:15:29 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuOlgnRJ2M0aNy2bK3gaa76VEJl9411bchR9j5sdGOw0c3oTZsobHoMaFeHohBggYvU6MBcnncd%2FYhQunhXXo0KHQBGdFQ3gST14aWx3l%2BGrpFZB27gsJyCt6%2B2o2V1v%2BRFoFdgt5dIiKnaEImR1"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249dfb8e438e-EWR
expires
Wed, 07 Feb 2024 11:15:42 GMT
%D9%82%D9%86%D8%A7%D8%A9-%D9%88%D9%86%D8%A7%D8%B3%D8%A9-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D9%82%D9%86%D8%A7%D8%A9-%D9%88%D9%86%D8%A7%D8%B3%D8%A9-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63ba96530d176cb3d229a186a5000c30593302b5c93a49c94846748158e6c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
186555
Connection
keep-alive
Content-Length
28978
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sat, 09 Dec 2023 09:56:53 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVZutg%2Fbin2tcmqyAPjEwZP3IWjcjcBcmrvWm6oidcceJuZAZFDZwd%2F0a%2BtMsqxoWzetak4rBcfWqbdNMhUMpaFRqMku3v0Frohq8XGwkK7EXPCQLaISeYb7Jb%2FK2ZA5PPx7HIEnDnevV4HUj4oe"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249e0ac941b4-EWR
expires
Wed, 07 Feb 2024 09:56:58 GMT
%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-%D8%A7%D9%88%D9%86-%D8%AA%D8%A7%D9%8A%D9%85-%D8%B3%D8%A8%D9%88%D8%B1%D8%AA-%D8%A7%D9%84%D8%A7%D8%B1%D8%B6%D9%8A%D8%A9-2-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-%D8%A7%D9%88%D9%86-%D8%AA%D8%A7%D9%8A%D9%85-%D8%B3%D8%A8%D9%88%D8%B1%D8%AA-%D8%A7%D9%84%D8%A7%D8%B1%D8%B6%D9%8A%D8%A9-2-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45a8049f68a94c1f68e2dfbd4822a6f789c2e43e5a959d523c4af75c36f673a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
9021
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Fri, 08 Dec 2023 14:12:57 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1XLHPVZEcILbrUtlsWT8kaADKqdb3ORZABLURIMf5tcDExsvYNL9cllc2gCwAAJS6KYD1iekCiyZg3WPx2ChXsVc%2F3QIZyCS2IIohDrFHnnuJwMoyXJeeqF1GUuQN3GQ8Y7r50RbqYoqngOng54"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249e2b0541b4-EWR
expires
Tue, 06 Feb 2024 14:12:59 GMT
%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-dmc-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-dmc-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100cb93c46eec2a8900166932e5be20504320cb310a5ec5dff75bcad1d34fd55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
7476
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Fri, 08 Dec 2023 11:23:08 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NozspSIeJjzuDZyhydBjLX%2BsgV17camo%2FbwZRiYtuXSNxP7MVrDc8fPtoN%2BP9IKR4CsrO%2BjGXpZv8iDLKKVidHyc6YSsFiRcGJpsxVTYGKpTgyC4sNqJWIPxV%2FPjh7gmI4t5vhvfwnuJD4x51kP%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249e9e2d41a3-EWR
expires
Tue, 06 Feb 2024 13:48:58 GMT
%D9%82%D9%86%D8%A7%D8%A9-%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D9%82%D9%86%D8%A7%D8%A9-%D8%A7%D9%84%D8%A3%D9%87%D9%84%D9%8A-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6048295087d54416739bad1466785885c003f8c3c98552454d1b7ed593050d9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
15678
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Fri, 08 Dec 2023 11:21:36 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma7xin2%2BC3UbtOBh%2BJBM7DoEikBe0Of3Zk%2Fbg%2B55fZQBBwcD8lD%2B7MZm%2Bsy%2FIgsLgnCACvZR0bjgscMVt2G4iMkgJlr1DEfUfNhEKxJzre87RVl9Xey3%2B2WryhRxFwTUKxI5P%2B%2FHDiJ67Csm6fZF"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249ea84042a9-EWR
expires
Tue, 06 Feb 2024 13:48:58 GMT
%D9%82%D9%86%D8%A7%D8%A9-%D8%B7%D9%8A%D9%88%D8%B1-%D8%A7%D9%84%D8%AC%D9%86%D8%A9-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D9%82%D9%86%D8%A7%D8%A9-%D8%B7%D9%8A%D9%88%D8%B1-%D8%A7%D9%84%D8%AC%D9%86%D8%A9-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32dd298ca028d53286d1af7858275a151acfd28e66f94ec55827c7df396b856f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
25769
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Sat, 09 Dec 2023 11:15:29 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxbXuv%2FEpMcHhBF%2BXbIqbTjbg%2FXGTVbIN6QEb0A4%2FPM%2FUuYam571hvRomRfxE3s3pvpPkJL%2F896%2Fhe5fRF0ai3E0q2TuKBG7sDwIuavLKamK3alAnYhGcILG8v%2B2yU8X3wFKwGiScZ46CD607gvU"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249eb9a78c57-EWR
expires
Wed, 07 Feb 2024 11:15:35 GMT
%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-CBC-%D8%B3%D9%81%D8%B1%D8%A9-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-CBC-%D8%B3%D9%81%D8%B1%D8%A9-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
941c8872d1d2677e2aeee186087d9e9c9886fcf1067ab9541b4ce5138e5480ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
19650
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Fri, 08 Dec 2023 11:17:59 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vV%2FHgfqdUO8QAkpHFqRf%2Ff11p%2BGCeaCKvGD1GpPr4HALmBiN%2F0vUU1qWnJxqeUC5uT84qysLzG%2BlXUhRcd1sk5FV0DaCBmiKfEP%2Bbj9EGBiH2QSZs7VL%2FwWf8Lx%2FgSCgC7JAJk%2BNHddgaRwq647u"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249efce6438e-EWR
expires
Wed, 07 Feb 2024 13:22:45 GMT
%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-%D9%86%D8%AC%D9%88%D9%85-%D8%A5%D9%81-%D8%A5%D9%85-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF-2024-%D8%B9%D9%84%D9%89-%D8%A7%D9%84%D9%86%D8%A7%D9%8A%D9%8...
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-%D9%86%D8%AC%D9%88%D9%85-%D8%A5%D9%81-%D8%A5%D9%85-%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF-2024-%D8%B9%D9%84%D9%89-%D8%A7%D9%84%D9%86%D8%A7%D9%8A%D9%84-%D8%B3%D8%A7%D8%AA-Nogoum-FM-360x360.png
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f56ce4338e30517753626db01341945a8a5597a939116cef3d8739608cbeb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
26605
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Thu, 07 Dec 2023 21:53:51 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvHj4TR6J5JN3LdQc6ShIzE6S2NWkiWmHvK5eph7jcIPeVwu%2B8xKUkzCxLsQPJMJSEQbHJbbHwCHiT6m2PEnONfGDAu8e02e6mG3uYdbrECE83J3HXD5BSbNovLGRhGzO9s9fjS1L4ivdy85dZle"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249f1a374340-EWR
expires
Tue, 06 Feb 2024 13:48:58 GMT
%D9%82%D9%86%D8%A7%D8%A9-%D8%AF%D9%8A-%D8%A7%D9%85-%D8%B3%D9%8A-dmc-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D9%82%D9%86%D8%A7%D8%A9-%D8%AF%D9%8A-%D8%A7%D9%85-%D8%B3%D9%8A-dmc-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8042c4882acd75919e0e9247fa914b5cd715fd157caa78462c8982989bbd66f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
186554
Connection
keep-alive
Content-Length
8638
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Thu, 07 Dec 2023 13:10:22 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5jxXfxd9jYXLhw4hOnZmCEyUfIusNENJVTIAdT8gwDjyao6%2BUHgZHfAxHwcczkm318v0UTwJGeBeM%2BaAuS%2Fq7bcIEhl2qMK%2BwvXLYGHa0krXZQxJhn2MOy0v%2FD58VwBymv9%2Fb6o49HdQyJgY2vT"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249f6f7241a3-EWR
expires
Tue, 06 Feb 2024 13:48:58 GMT
%D9%82%D9%86%D8%A7%D8%A9-%D8%A7%D9%85-%D8%A8%D9%8A-%D8%B3%D9%8A-3-%D9%8A%D9%88%D8%AA%D9%8A%D9%88%D8%A8-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D9%82%D9%86%D8%A7%D8%A9-%D8%A7%D9%85-%D8%A8%D9%8A-%D8%B3%D9%8A-3-%D9%8A%D9%88%D8%AA%D9%8A%D9%88%D8%A8-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5adac4239779654faa206ed1af2a8623dd1399f1afd8be8b8dcb904342ad7918
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
8569
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Thu, 07 Dec 2023 10:26:24 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLGQ3%2FHDdKTv6Sm7aysUPOoyiKKCH98Dl%2BCQbeB3ArwKFWyeFW5mh18Sfbf9rDjEgrr4NQaW0rMkItGQGt4vGffXLXc2ykuWk%2FWT7V5jBGwR02wRdxCdpDwJKwfYReXKMFkIh8S1VW6J6EZTfwo7"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249f68ea42a9-EWR
expires
Sat, 10 Feb 2024 05:59:30 GMT
%D9%82%D9%86%D8%A7%D8%A9-%D8%A7%D9%84%D8%B1%D8%AD%D9%85%D8%A9-%D9%8A%D9%88%D8%AA%D9%8A%D9%88%D8%A8-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D9%82%D9%86%D8%A7%D8%A9-%D8%A7%D9%84%D8%B1%D8%AD%D9%85%D8%A9-%D9%8A%D9%88%D8%AA%D9%8A%D9%88%D8%A8-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf5a1eb2566b095439027b0e55e6e54e80440a15902a8b00ccd1ed4274bc8ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
12435
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Thu, 07 Dec 2023 10:22:55 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuJcabVnMeW8KLjGaNcVbexrZ3fo6llFyNpCAOcALJWcbWEFdU2cE6wq824AcPq5PtwobeKJRqJf1KN45i7yty4%2BqL9s7iUz4SU8182CFhPj7TaV41PoH4AUBCUrCFF45ORbJ60%2FScjJ%2B%2FywsT%2F3"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249f8fa341a3-EWR
expires
Tue, 06 Feb 2024 13:48:58 GMT
%D9%82%D9%86%D8%A7%D8%A9-%D8%A7%D9%85-%D8%A8%D9%8A-%D8%B3%D9%8A-Mbc-2-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D9%82%D9%86%D8%A7%D8%A9-%D8%A7%D9%85-%D8%A8%D9%8A-%D8%B3%D9%8A-Mbc-2-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f91a1043abf86998d28bdd104007b7d4587a45a737462a1ea97e8149e2581274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
19963
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Thu, 07 Dec 2023 10:20:39 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jvjd65XY%2F4iJCWCbrUjeAf2gd95opNOBGplMqzS57CPFgO%2FMI6YtWPF2JYgfvrWyInCKN1vAbidoaPTJj66JC8v5Aog4ze8cPRlkzTfMoAROYxls%2FfjIMk2CjAE613oEk8mthCqgF0lWx%2B%2FTDgYI"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249fde36438e-EWR
expires
Sat, 10 Feb 2024 05:59:30 GMT
%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-%D9%85%D9%83%D9%85%D9%84%D9%8A%D9%86-360x360.jpg
newsy.npa-ar.com/wp-content/uploads/2023/12/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsy.npa-ar.com/wp-content/uploads/2023/12/%D8%AA%D8%B1%D8%AF%D8%AF-%D9%82%D9%86%D8%A7%D8%A9-%D9%85%D9%83%D9%85%D9%84%D9%8A%D9%86-360x360.jpg
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c684c470808aee5c4bc84f7437d1268748cd92106476cdc607dd718ab0d24f78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
17179
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Thu, 07 Dec 2023 10:17:24 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmb1DGRzdeosijt3uLp6VlnCNLeFCMXmm6OwFWo%2BdfM7UjixdacvgXOGtYeb0swTqC1s%2BU33YW9fHuJEtRlylY78yYIsC8K6%2FYMdVeQ7cvURX6%2BYuBO5Ew1a1lisa2GLhdQfpdeTMJehgq0XNUzi"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
8347249ffb704340-EWR
expires
Tue, 06 Feb 2024 13:48:58 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://newsy.npa-ar.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:56 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1227846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
80300
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-139ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8nPDtLDSIzPucv3HGixqntMzbec88uwikUtQvZ%2Bmar3nGlDN64x1%2BpmNlHPFj8VUL5K1nwONWY2FoipxaWw3XeWM9tv0g5Ox%2FH9AaXc%2FAkDTYgsV3Odu9P6QpEyWJDtDeroLsLy4IcNMpk3knmNwPFC"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8347249e0c2319b6-EWR
expires
Sun, 01 Dec 2024 15:53:56 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://newsy.npa-ar.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:56 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1229738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78460
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-1327c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9At%2FYRjPvc12TDEkBD6gRf5MDg7XEXa8Pjf2okg47sPHmOcg0F3J6zVL9W2KkU%2BlWtGiQweOjPeqAwcnRSd2gNW4VNJFpVoi9ibgoD%2BsH96uDqRXBYuOtnl0wl27GwwvRC0awszRuRaHQ85v%2FOCE97U"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8347249e0c2019b6-EWR
expires
Sun, 01 Dec 2024 15:53:56 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 6EFE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
41047
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 04:29:49 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 04:29:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8903 		546 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4707420366058674&output=html&adk=1812271804&adf=3025194257&lmt=1702396436&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fnewsy.npa-ar.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702396436144&bpp=8&bdt=151&idt=131&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6202241435946&frm=20&pv=2&ga_vid=408590160.1702396436&ga_sid=1702396436&ga_hid=1746679130&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079920%2C31079922%2C44795921%2C95320884&oid=2&pvsid=1953804348250934&tmod=1148868593&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=164
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c398332ec8c1b24291b9b25ce82846f8fce6e1b0b6fc16cfa91e7e939341e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
106573
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 15:53:56 GMT
expires
Tue, 12 Dec 2023 15:53:56 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
wp-emoji-release.min.js
newsy.npa-ar.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsy.npa-ar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3036::ac43:a438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 15:53:56 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Encoding
br
Transfer-Encoding
chunked
Connection
keep-alive
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
MISS
last-modified
Wed, 29 Mar 2023 20:16:08 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qto9LYuXOwphuI3zJXJ9wQAzXU2hIV9w0B4ppm72FMvXNho6%2BRCFwIVtuYZ77LmqwZ1fFwPBuY9aMcmQ52SRpyczpW3CdboHDcjnaYXnEQPMDf1ljXWnDoc5agCfVih6mzrAuuLnpJV5GlECgPwY"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
CF-RAY
834724a02b4b8c57-EWR
expires
Sun, 07 Jan 2024 13:50:29 GMT
collect
www.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SZQR7EM7CF&gtm=45je3bt0v9164611718&_p=1702396436347&gcd=11l1l1l1l1&dma=0&cid=408590160.1702396436&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702396436&sct=1&seg=0&dl=https%3A%2F%2Fnewsy.npa-ar.com%2F&dt=%D9%86%D8%A8%D8%A3%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1846
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SZQR7EM7CF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:53:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsy.npa-ar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33f60cddb8e95752d5f94d0bfbbd7389cfc1ce6ccdc427337e5b710993db8718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12123
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
627158b0d1c11f836661088237a074abb33ad4b6b595d1d85ed2a287b1d04091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55985
x-xss-protection
0
server
cafe
etag
110831104352200035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 15:53:57 GMT
ca-pub-4707420366058674
fundingchoicesmessages.google.com/i/ 		181 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4707420366058674?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
155698f74eefce30a32ab5cb895d6d9426bf6e0237abad5d8ed79fe453d1b246
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pUFfq-DzLqgoQTHGalRM1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pUFfq-DzLqgoQTHGalRM1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 15:53:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E9F1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
3535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 14:55:02 GMT
expires
Wed, 11 Dec 2024 14:55:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 489E 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7299925e59a4ecd27d6771f377a48fc157df51655cd7d67b5ba13982291e7093
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K4r1CA1Gd3MeiE5uHZheMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsy.npa-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-K4r1CA1Gd3MeiE5uHZheMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 15:53:57 GMT
expires
Tue, 12 Dec 2023 15:53:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame FD4B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
18270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:49:27 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 10:49:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame F941 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
18270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:49:27 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 10:49:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 58DF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
18270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:49:27 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 10:49:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame CC3D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
18270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 10:49:27 GMT
etag
5585625838579639069
expires
Tue, 26 Dec 2023 10:49:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVqouw9QbJ4pRVqRD4c8wnkaI6RQQgdCx0psdzxN6bUjAY_HJoqCxOORieXKranKZ8m-kGBTjEyKn709r10PwyIuy69LDoF6mh4pn6X3brM-7Oaw72NHU3QeDKnqfFrPqrCvC81eA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVqouw9QbJ4pRVqRD4c8wnkaI6RQQgdCx0psdzxN6bUjAY_HJoqCxOORieXKranKZ8m-kGBTjEyKn709r10PwyIuy69LDoF6mh4pn6X3brM-7Oaw72NHU3QeDKnqfFrPqrCvC81eA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMzk2NDM3LDI0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9uZXdzeS5ucGEtYXIuY29tLyIsbnVsbCxbWzgsImlISERFbG1wRC1nIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41e96007a2551be8d9bd02d201a85026707da11e15aedd7a1f15617bf84cb397
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XnYOU0SNonUh7fF4UvdmNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-XnYOU0SNonUh7fF4UvdmNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame FD4B 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 15:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 14:10:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 15:53:57 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FD4B 		205 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:49:43 GMT
x-content-type-options
nosniff
age
254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 15:49:43 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FD4B 		604 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:52:48 GMT
x-content-type-options
nosniff
age
69
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 15:52:48 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FD4B 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 10:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
20200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 10:17:17 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FD4B 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:56:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
50265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:56:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F941 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame F941 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F941 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F941 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
25972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:41:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F941 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 15:53:57 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame F941 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 18:02:52 GMT
css
fonts.googleapis.com/ Frame CC3D 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 15:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 14:17:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 15:53:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CC3D 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CC3D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CC3D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CC3D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
25972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:41:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CC3D 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 15:53:57 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame CC3D 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 18:02:52 GMT
rtb
rtb.ads.us-west.travelaudience.com/ Frame 94F9 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.236.111.14 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.111.236.35.bc.googleusercontent.com
Software
/
Resource Hash
8d879f0031373abada18300161553b90ebff283bc26e4b86a84fc95c73c69240
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 15:53:57 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-engine-version
0.0.0
x-host
deliveryengine-rtb-production-5cb59c577-49n9x
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C139 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C139 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
25972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:41:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C139 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 15:53:57 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/18214533447839849178/ Frame CC3D 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18214533447839849178/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b3bc5925e6fbcefa6743b0b72e622d27ed9b6305af87e5a073b50643c1cc352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:01:01 GMT
x-content-type-options
nosniff
age
39176
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61684
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 17:30:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 05:01:01 GMT
15260784340103771975
tpc.googlesyndication.com/simgad/ Frame CC3D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15260784340103771975?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
656c13a17ddd671fff5c5b81cbcd04809947a1d7a9dbf900a3c35ebc72e8b193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:12:35 GMT
x-content-type-options
nosniff
age
49282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2674
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 16:40:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 02:12:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 489E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1953804348250934&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
AGSKWxUICzTpv1Tnxkm_NqUdT3cOdqp-pJ5fCF2fmPKVm5xqMANIH25F0E3NfpjA4eH1uc-dOpqcS3B-dlvw_-xl6fZNqy6iZ4bjgLDW3YZvoxI0bczMK5g9kbQKxKNkhHJeWeXqGAombQ==
fundingchoicesmessages.google.com/f/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUICzTpv1Tnxkm_NqUdT3cOdqp-pJ5fCF2fmPKVm5xqMANIH25F0E3NfpjA4eH1uc-dOpqcS3B-dlvw_-xl6fZNqy6iZ4bjgLDW3YZvoxI0bczMK5g9kbQKxKNkhHJeWeXqGAombQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMzk2NDM3LDQyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbmV3c3kubnBhLWFyLmNvbS8iLG51bGwsW1s4LCJpSEhERWxtcEQtZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dbbf4b2657fff7b99e88ee318cec9e2a4e353263296231966469a996c3539c44
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HORVm9vJs8jmKjBFnR6W_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-HORVm9vJs8jmKjBFnR6W_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E9F1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:32:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
12113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 12:32:04 GMT
truncated
/ Frame CC3D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90312014d999a914fe05b30fdfd6d5217343b0b29562395b6e8d1b5c41646b9d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame D02B 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 15:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 14:04:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 15:53:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D02B 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame D02B 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:46 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0A8A 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
430
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 15:46:47 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D02B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
50472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:52:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame D02B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:41:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
25972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 08:41:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D02B 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 15:53:57 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame D02B 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 04:10:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 18:02:52 GMT
18398784446628957738
tpc.googlesyndication.com/daca_images/simgad/ Frame F941 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/18398784446628957738?w=360&h=720&tw=1&q=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdfb0fa1a29bcca7676f3d39951d6e448c72ad3a9cf6525c6dead05a096db08b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31184
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 08:48:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 15:53:57 GMT
truncated
/ Frame F941 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b25129aeffb8db31cc9d2e0d64d9093e09e38ac820b31fdb875fa59b944a857

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame A734 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 06:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
553742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 06:04:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CC3D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:29:45 GMT
x-content-type-options
nosniff
age
26652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:29:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CC3D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:38:41 GMT
x-content-type-options
nosniff
age
22516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:38:41 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame F941
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Ccjr8FIJ4Za7CF9j7kPIPu9Gr6AHk4vehdJmm_NKPEtzZHhABIKu8s0Bgycapi8Ck2A-gAaLqwp4ByAEBqAMByAPLBKoEggJP0H33EeBjSBpTF7xn_tl_53WcPAUv6izmtztx3_QCqNle6Su...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3c45cface7229ecf0000000000000000%22,%222%22:%220xd9d600b20b4ff6150000000000000000%22,%223%22:%220x16ef5f...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3c45cface7229ecf0000000000000000%22,%222%22:%220xd9d600b20b4ff6150000000000000000%22,%223%22:%220x16ef5faa278c9ad80000000000000000%22,%224%22:%220x112bf0feebf85c0e0000000000000000%22,%225%22:%220xb93670853fa2a6470000000000000000%22},%22debug_key%22:%22486518231132893315%22,%22debug_reporting%22:true,%22destination%22:%22https://pvi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22332444962%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216972714713101226433%22}&andc=true
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x3c45cface7229ecf0000000000000000","2":"0xd9d600b20b4ff6150000000000000000","3":"0x16ef5faa278c9ad80000000000000000","4":"0x112bf0feebf85c0e0000000000000000","5":"0xb93670853fa2a6470000000000000000"},"debug_key":"486518231132893315","debug_reporting":true,"destination":"https://pvi.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["332444962"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"16972714713101226433"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 15:53:57 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 15:53:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3c45cface7229ecf0000000000000000","2":"0xd9d600b20b4ff6150000000000000000","3":"0x16ef5faa278c9ad80000000000000000","4":"0x112bf0feebf85c0e0000000000000000","5":"0xb93670853fa2a6470000000000000000"},"debug_key":"486518231132893315","debug_reporting":true,"destination":"https://pvi.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["332444962"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"16972714713101226433"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame E9F1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NaIr5w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3c45cface7229ecf0000000000000000%22,%222%22:%220xd9d600b20b4ff6150000000000000000%22,%223%22:%220x16ef5faa278c9ad80000000000000000%22,%224%22:%220x112bf0feebf85c0e0000000000000000%22,%225%22:%220xb93670853fa2a6470000000000000000%22},%22debug_key%22:%22486518231132893315%22,%22debug_reporting%22:true,%22destination%22:%22https://pvi.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22332444962%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216972714713101226433%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 15:53:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame CC3D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CKa2dFIJ4ZbDCF9j7kPIPu9Gr6AHy05jJdM_C17f_EePq74OjPxABIKu8s0Bgycapi8Ck2A-gAcLpl5YDyAEJqAMByAPLBKoE-wFP0KYU8W6TeBdVPVtrOiOk4qqAr3pW0vrGh2YugmfWTQP...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd3b9c9f781fb3e6f0000000000000000%22,%222%22:%220x51306adfd4bd499e0000000000000000%22,%223%22:%220xfe072d...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd3b9c9f781fb3e6f0000000000000000%22,%222%22:%220x51306adfd4bd499e0000000000000000%22,%223%22:%220xfe072dfb03d6ae740000000000000000%22,%224%22:%220x578839e68cb152d30000000000000000%22,%225%22:%220xccc43a47bf97efbf0000000000000000%22},%22debug_key%22:%226148260928956673457%22,%22debug_reporting%22:true,%22destination%22:%22https://wegmans.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22851834050%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225585906457133109249%22}&andc=true
Protocol
H3
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:58 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xd3b9c9f781fb3e6f0000000000000000","2":"0x51306adfd4bd499e0000000000000000","3":"0xfe072dfb03d6ae740000000000000000","4":"0x578839e68cb152d30000000000000000","5":"0xccc43a47bf97efbf0000000000000000"},"debug_key":"6148260928956673457","debug_reporting":true,"destination":"https://wegmans.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["851834050"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"5585906457133109249"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 15:53:58 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 15:53:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd3b9c9f781fb3e6f0000000000000000","2":"0x51306adfd4bd499e0000000000000000","3":"0xfe072dfb03d6ae740000000000000000","4":"0x578839e68cb152d30000000000000000","5":"0xccc43a47bf97efbf0000000000000000"},"debug_key":"6148260928956673457","debug_reporting":true,"destination":"https://wegmans.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["851834050"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"5585906457133109249"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame B664 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 06:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
553742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 06:04:55 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd3b9c9f781fb3e6f0000000000000000%22,%222%22:%220x51306adfd4bd499e0000000000000000%22,%223%22:%220xfe072dfb03d6ae740000000000000000%22,%224%22:%220x578839e68cb152d30000000000000000%22,%225%22:%220xccc43a47bf97efbf0000000000000000%22},%22debug_key%22:%226148260928956673457%22,%22debug_reporting%22:true,%22destination%22:%22https://wegmans.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22851834050%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225585906457133109249%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 15:53:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
el.ashx
rtb.ads.us-west.travelaudience.com/ Frame 94F9 		631 B
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.ads.us-west.travelaudience.com/el.ashx?__trackerRequestId=0.02757947068270052&adPos=&ai1=1%3B30000487%3B0%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3B60023909%3B999%252c1%3B%3B%3B2%3B4%3B50005204%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3BEUR%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70014672%3BuX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-8f594ccb8-qqzcf&bnr=0&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=160x600&gcpm=1674741&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=3&rts=&salt=02&sc=&site=newsy.npa-ar.com&ssp=0&sv=1&tsf=&ua=&uc=US&ucy=&uuid=E50A7D5E-E71F-48DD-9B00-B91637BCCB15&view=&vrt=&vw=&wp=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw
Requested by
Host: rtb.ads.us-west.travelaudience.com
URL: https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.236.111.14 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.111.236.35.bc.googleusercontent.com
Software
/
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:58 GMT
content-encoding
gzip
x-engine-version
0.0.0
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/jpeg
x-host
deliveryengine-rtb-production-5cb59c577-49n9x
160x600.gif
static.travelaudience.com/img/import/dubai_main/ Frame 94F9 		304 KB
305 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/dubai_main/160x600.gif
Requested by
Host: rtb.ads.us-west.travelaudience.com
URL: https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
60475c955eceb3ae9f485b265cf01faabc87eb86dd122678966d094e54c96a5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:01:14 GMT
age
3164
x-guploader-uploadid
ABPtcPpq3YniVHo6DvcV0B6oRiXf5fwgv23k1TyYoCzXw7PUb4dU7mcJByeWvGLA72wgxZ6lWplyotGHHD10t0deYJEDl6hXZJei
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
311172
last-modified
Fri, 21 Jul 2023 00:01:16 GMT
server
UploadServer
etag
"9c6b4228454a1184bfb914922b2c7410"
vary
Origin
x-goog-generation
1689897676820350
x-goog-hash
crc32c=S6sM3Q==, md5=nGtCKEVKEYS/uRSSKyx0EA==
content-type
image/gif
cache-control
public, max-age=3600
x-goog-stored-content-length
311172
accept-ranges
bytes
expires
Tue, 12 Dec 2023 16:01:14 GMT
moatad.js
z.moatads.com/travel198849194933/ Frame 94F9 		334 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/travel198849194933/moatad.js
Requested by
Host: rtb.ads.us-west.travelaudience.com
URL: https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.62.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-62-25.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
46fca6dc6e672a29d25c9bf87c1402e9ba22990aa214ab0d8c848fdc40862df6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:58 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:33:51 GMT
server
AmazonS3
x-amz-request-id
2PCT72NF7CM0RBSQ
etag
"9521db5e6c70e50593db6744649776f6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=47344
accept-ranges
bytes
content-length
115798
x-amz-id-2
yq/uKHgwwJWFYg/p42RKYyLu/x1kRfkQaqBvPOe6HWv/T95MfVP3s0axvta3PWba8s7BPrJz228=
creative.js
rtb.ads.us-west.travelaudience.com/js/ Frame 94F9 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb.ads.us-west.travelaudience.com/js/creative.js?version=0.0.0
Requested by
Host: rtb.ads.us-west.travelaudience.com
URL: https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.236.111.14 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.111.236.35.bc.googleusercontent.com
Software
/
Resource Hash
3c13e191e7e8caf6b1ce1bfc91659268705deae4739ece88d794a1cece629718
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
public
date
Tue, 12 Dec 2023 15:53:58 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 12 Dec 2023 08:42:13 GMT
etag
W/"65781ce5-e1cc"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, public
expires
Wed, 13 Dec 2023 15:53:58 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0A8A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 15:53:58 GMT
expires
Tue, 12 Dec 2023 15:53:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 15:53:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame 19A5 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: newsy.npa-ar.com
URL: https://newsy.npa-ar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 06:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
553743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 06:04:55 GMT
n.js
mb.moatads.com/ Frame 94F9 		70 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=4121390287&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gPi8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-KA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=0&qe=0&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fnewsy.npa-ar.com&t=1702396438236&de=15009374249&m=0&ar=cc84ca2002d-clean&iw=34392e3&q=2&cb=0&ym=0&cu=1702396438236&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=30000487%3A50005204%3A60023909%3A70014672&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=newsy.npa-ar.com&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fnewsy.npa-ar.com&id=0&ii=2&bo=googleads.g.doubleclick.net&bd=160x600&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=npa-ar.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=206701&na=1425967793&cs=0&ord=1702396438236&jv=1714947118&callback=DOMlessLLDcallback_66016287
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.52.16 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
32226bc104134cd5b411d58d5539cd49e20074a2c1e0ab86ec272d755ed228bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:58 GMT
server
istio-envoy
etag
"339cadae348181e2bae188a79cb11cdedf89d5ea"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
12
timing-allow-origin
*
content-length
70
pixel.gif
px.moatads.com/ Frame 94F9 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fnewsy.npa-ar.com&t=1702396438236&de=15009374249&m=0&ar=cc84ca2002d-clean&iw=34392e3&q=3&cb=0&ym=0&cu=1702396438236&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=30000487%3A50005204%3A60023909%3A70014672&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=newsy.npa-ar.com&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fnewsy.npa-ar.com&id=0&ii=2&bo=googleads.g.doubleclick.net&bd=160x600&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=npa-ar.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=206701&na=1195937374&cs=0
Requested by
Host: rtb.ads.us-west.travelaudience.com
URL: https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.62.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-62-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 15:53:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:58 GMT
js-err
rtb.ads.us-west.travelaudience.com/ Frame 94F9 		35 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.ads.us-west.travelaudience.com/js-err?description=Uncaught%20TypeError%3A%20s.default.global._toCookies%20is%20not%20a%20function&url=https%3A%2F%2Frtb.ads.us-west.travelaudience.com%2Fjs%2Fcreative.js%3Fversion%3D0.0.0&line=1&col=23399&parent_url=https%3A%2F%2Frtb.ads.us-west.travelaudience.com%2Frtb%3Fads%3D30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%253D%253D.60023909.OTk5JTJjMQ%3D%3D...7sOMk32o1KNqb38Y2MsA0w%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D160%26y%3D600%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%2526client%253Dca-pub-4707420366058674%2526adurl%253D%26googlewinningprice%3DZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw%26wpc%3DEUR%26site%3Dnewsy.npa-ar.com%26slotvisibility%3D1%26gcpm%3D1674741%26gpos%3D1%26bidder%3Dbidder-rtb-production-8f594ccb8-qqzcf%26dv%3D1%26uuid%3D%26suid%3D%26brq%3DuX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ%26ssp_id%3D0%26l%3Dar%26ts%3D1702396436%26uc%3DUS%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D3%26hm%3D7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM%3D
Requested by
Host: rtb.ads.us-west.travelaudience.com
URL: https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.236.111.14 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
14.111.236.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://rtb.ads.us-west.travelaudience.com/rtb?ads=30000487.0.0.70014672.0.0..0.US.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60023909.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=160&y=600&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUmDeFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTzAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42GpAL7Ea4f3ck7Ua1pxQtOur4XkLRA0lel5wXIUY9sfABAlDuvb3ekEOIAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vQcxTxoDP0wf1YkCjW4yddzQXvg%26client%3Dca-pub-4707420366058674%26adurl%3D&googlewinningprice=ZXiCFAAF4S8IRD3YAArou_9RHTdRQMNKebj9qw&wpc=EUR&site=newsy.npa-ar.com&slotvisibility=1&gcpm=1674741&gpos=1&bidder=bidder-rtb-production-8f594ccb8-qqzcf&dv=1&uuid=&suid=&brq=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&ssp_id=0&l=ar&ts=1702396436&uc=US&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=3&hm=7TFA0Bl5k83q7dMPdrgz6ccAqlPszChMXnYqlFGr3bM=
Origin
https://rtb.ads.us-west.travelaudience.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:58 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin
https://rtb.ads.us-west.travelaudience.com
content-type
image/gif
truncated
/ Frame C139 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e471fc88236ac46741e935032e11c640578197b1f45f15df0cef16eb78edbef1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame C139 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmXXbFIJ4Za_CF9j7kPIPu9Gr6AGFsP3kc_Xl_IXRCsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3MDc0MjAzNjYwNTg2NzTIAQmpAnFU_MewG7I-qAMByAMCqgTwAU_Q-tkqG2ecCGItpq_zk10bc-BB91PDwUgsyNLajohdZDNetfjDp6npPKnjc6CY7_nqCnzJodiL-hSgPkLMy697xNIZLT-uXBWwNUkW5wcYMe3tpT15xU1xQHRNEW_AYzDVXm2LTmSQokHWXXOpEV-SC0e3kqLNclQ4LkMH6baGieNj8BISRNH59UZsKIWJGXZKiZnnSimiqCG1_ojoO3MKN966_U63qSZnmVlXou2Zgfu16kOp6igG1VLNDmHrHfQdOG_T5u4i42HrAp9W-SkYe9E7c7fOXQo5nKHugBoajWiCZm3N_kUxLAi1hRzSQoAGh6j87_OIlMWyAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOliE_uv2oIqDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NzA3NDIwMzY2MDU4Njc0GAA&sigh=VFgYfUCO4Z0&uach_m=%5BUACH%5D&cid=CAQSTwDICaaN7b3VLm8eggc7o3XYCQmt8bYN3lmXXUIXMfmrmyxIWqaekk_fvwNImtICnwareX9Q_4VzImOnXvOaINIsn7tzqh_OW-BIrj7kz6IYAQ&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 15:53:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C139 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=58&version=r20231207&sample=0.01
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:53:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1953804348250934&bg=!sLOls_zNAAY3kmNgF5I7ADQBe5WfOKJ59Xo9BHDbd31KivsoYpZmm83ddbTPxE_9Ih50I549JjApbU36oiAiROjgohJyAgAAAfxSAAAABGgBB5kC5z6dv2J7ze9yBZ8XRBP_pGZQgNnrPAUS3ldgViKRcAW_hnB6wTrcLAhIfZydKdkq_lGoBOXoaX_JUNrY1Eu02c93ZkTk3AK-Hqn2rlmKecr1Xg8oxPH9UTS1IUqIAKdZiJhak326CSEwPLjsbI8CHLznb_LswcY5JCpxbd8yAoVvZX_XpQFEPoX4-5wYdp4T9Q-rOd-YY-F9KQSt5_g2iqVANySx9WhKbcsBXumph1YoF7fTX3MccsYAaU55sqE_5UMJiQlDl5WCeR5XDExPcMvC7NLXhNgJpg6QdFvVTP4H5eXDQvqJ0UzPQ0MCV7RovJ7PrBILImOlyRgVx_YqGuc_K-fkmqjX4YHFdJnyksjzvbW6iT1X-yMTzzStfSyB3D0DoGCm_NKAWedq-W7_E1p4Md_wq0i-libP_X-P_Oqu50XwjuaCF6pzpDxkxw7b_XM5bQVyrgs0bMmMs8fPv_v9Hn5QpITN7SjqDgAJheuEkgZYogMZXqOvcFhOIAMB0o5TS5KXn8GsYM7pJ6HDO2d2roLmLaTwrg84_GeUIgFXeE8AD6n_4tqSJmmcGITU_yXzOJ6DoO1tMyLj-e5uziEOBp94pt90BI8AF_eQYHBh9V03OK9OlUb_wUbqwiD7qTA7otwEuzbtFbCf517ZINOi1xEAmtBoNzSI06H61G-4eB6QwsHuDILNjhgVU_7w9yuXDBmQWbBsuP71Jh4lQUXGG2OOQkinUuhFtLpZGVEOPZylEFAQtLPuBGwGhsraiz_edwhTnLGJPW62hy5I1Uq1WirAqfxTqieIeC-lREOqnUsPFLBKbbs-yI5rLip477RfM9B1K54P8ShLtmlLlqT13ooD_Ev_jPuLxkWVlnNmRuHLfmqHm3fkU0RaYgpHAq35ApGtdyFUV2q_RfRN2c8mKqVUhr58u0QKhKv4TrG2IlKg9kZKMESJ0OHJQ7EwldochnEAKkGRTYRsZ2BCyyCRD0w3OzcQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.8066109416390659
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-PjXv9lbOdezwbPPWAX-4Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:58 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-PjXv9lbOdezwbPPWAX-4Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.4149859377391056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MlQRcy6IAD9gJ7T32CRDog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-MlQRcy6IAD9gJ7T32CRDog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_VitCiKA-Stk2WtB0fpnvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 15:53:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-_VitCiKA-Stk2WtB0fpnvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://newsy.npa-ar.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F941 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvdhy-_U37mZc15khEXUjiKM5FSbz73TxQFsAKGM50Q_uJ2ptdtPNy357nyI26q4X4oZiEmhJR181AoYyxNr-fhVuLTWYKAj76_YEw5p5WEhrOd5hwZwzh-7bNUFNrEKVcOQqATn3rLgraWa713zCaH9XkfLzEtK5296EhG6h16wk6yRIeCVY&sai=AMfl-YS-LfZMjq8JojQi3oko1UMHYzm_S1phtKmioLJ2B4aNL22tglHFrWaLSg5FRjLw3Tur74kV6ejzARbKxnD1waAtThFhn4ULEBJbK5hBXIKrBL6E39qDvER4qWu-ehVsVCmHR7vMepK9ZEYC3QVTwA&sig=Cg0ArKJSzNGhqvvVmkvkEAE&cid=CAQSTwDICaaN7b3VLm8eggc7o3XYCQmt8bYN3lmXXUIXMfmrmyxIWqaekk_fvwNImtICnwareX9Q_4VzImOnXvOaINIsn7tzqh_OW-BIrj7kz6IYAQ&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702396437212&rpt=459&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:53:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 94F9 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=175&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=newsy.npa-ar.com&L1id=30000487&L2id=50005204&L3id=60023909&L4id=70014672&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1702396438236&r=15009374249&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=newsy.npa-ar.com&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&bedc=1&nosend&q=1&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.50.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-50-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:53:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:58 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 94F9 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=175&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=newsy.npa-ar.com&L1id=30000487&L2id=50005204&L3id=60023909&L4id=70014672&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1702396438236&r=15009374249&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=newsy.npa-ar.com&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&bedc=1&nosend&q=2&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.50.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-50-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:53:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:58 GMT
pixel.gif
px.moatads.com/ Frame 94F9 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fstatic.travelaudience.com%2Fimg%2Fimport%2Fdubai_main%2F160x600.gif&i=TRAVELAUDIENCE_DISPLAY1&ol=4121390287&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gPi8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-KA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fnewsy.npa-ar.com&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fnewsy.npa-ar.com&t=1702396438236&de=15009374249&cu=1702396438236&m=594&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=119&lg=1&lh=12&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A1217%3A1217%3A1043%3A943&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=175&cd=0&ah=175&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000487%3A50005204%3A60023909%3A70014672&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=npa-ar.com&zMoatSubdomain=newsy.npa-ar.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=206701&na=1924236452&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.62.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-62-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 15:53:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CC3D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKWP0BJG7GRda64v9rqjV56oWVgNQ3Z9B8K1dq_2G5CAXKtZlOLiKxEEnl3B9R69HIsZjat1zukP7WXi5pkrER_zujk6owrN2E35HgC9nOYaR2KkoMgJB47FiBsTepzGDhkAQJ-vnw5N-hdnERUBc_4eKz5fWhZPGK_8w08ygUgJw6XI09ehho1pnaIQKyQ8OaAxgG4t47UEoOHY-bobC0V7Y4SEFiKAja7IVGAfMlK6avtBalXbN5STFoI8FYqkJ8UrSgaExERcbSN6JY9xneArg2RIwFZ2OZTSRNd1ztF_i6il-Q5HiUkKAXHnZmYH4JnhGNrU6JiCeBDoWaoAf4Fd9O3TwE1SE3B1cFx1Qj4EjysRzUcN2Wp1-MQW2Dn695ZpBcTzKW8GSJfp1oLkANrD4ZWPIPYQGXv43MOw57tNCNjNAKvabm-QQl3nHLlgHRqsK3BvSgpn9hjJm6ckB7muBjqbJgjXLmjrJc_qjjuteOfgzga1efE9VseBbQVvnrGLmLRrAbK2rVNaNQwG46QGEvdH_FNjSyeUCMmOcUL_daDUui7g2NtrSwnAWHgyV7wWVRX01WpBFGETdP_gj-IGKBU01-KEevZC-Ms1nNM_hGFsD8dckIfCw6pAiHC1vh0_4mXTsvBFT0MYL3E7rQM0nYfdg38S8docTRBnzPFiUQhV0CJ2bLrRe8s_HcK__HPRbpDq6CIBIEXesY81NQ_zQdNukoEDpupLeGzLZp7M6xPf195YrdZcCczGmJ-RXKv0IGwphgV_0scYq0MCJTWriKHXuBq-MCt2TldszRLdkDkPBMXIB8nqF2Jd9hSXqWAzURVJ8JcKLtUkxN94GwKjJD8y3aE2QQ4TdJLayXsiXJFcWkU83xbjOc6MO2NkKa8pqsq4F8Xrc4zkKA-E4pKQpbZ6HH2NXSMYCMdESv-8-hMBQp7v03ENbYQCC037CdrGBqIc4-F7nTN-3xJNCjX5CSQzPxKCCMOSCSa9PUD0eV1oawUeyMMMMWkne42yr4GMzIDStO9UxAGpQFLtFy-8LjxVa8OsSZ8509Pi6fShlEZ7opKnX_-uGADXMiKn77LTqkTdVZigtaxdMyCp4rbjc5_EJL39uJrHjFXSqzD-6uIx2QpgBFyb6dz6hxsWsVwv5HlxILVs3jRZjMempqVdsrmgo3E_qlnIGq7_lBwlJ9_uOCUPTju0EXrB3HBWTq-BKXkChQ1Sc9NsCvqphaO13T5YA&sai=AMfl-YSFImRuXB0w7KpHMi4uuU-63YG7WoYJU9UsAB963Gx2PECVuE-AP_73-JCedl-Eb15QLSkheO7ZeW0KGO4brt_pBJev0HoJW1gW1FH7MWE1ayP5hJolEOlY_iE5py4-jX79JYCmgmkc0WKjxW2ts47UmY-OQYvLjFaUIss&sig=Cg0ArKJSzI1zWJea4LByEAE&cid=CAQSTwDICaaN7b3VLm8eggc7o3XYCQmt8bYN3lmXXUIXMfmrmyxIWqaekk_fvwNImtICnwareX9Q_4VzImOnXvOaINIsn7tzqh_OW-BIrj7kz6IYAQ&id=lidar2&mcvt=1019&p=0,0,124,1005&mtos=348,876,1019,1019,1019&tos=348,528,143,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702396437219&rpt=595&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:53:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 94F9 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=18&fi=1&apd=210&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=newsy.npa-ar.com&L1id=30000487&L2id=50005204&L3id=60023909&L4id=70014672&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1702396438236&r=15009374249&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=newsy.npa-ar.com&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&bedc=1&nosend&q=3&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.50.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-50-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:53:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:58 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 94F9 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=18&fi=1&apd=210&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=newsy.npa-ar.com&L1id=30000487&L2id=50005204&L3id=60023909&L4id=70014672&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1702396438236&r=15009374249&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=newsy.npa-ar.com&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&bedc=1&nosend&q=4&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.50.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-50-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:53:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:58 GMT
pixel.gif
px.moatads.com/ Frame 94F9 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=4121390287&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gPi8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-KA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fnewsy.npa-ar.com&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fnewsy.npa-ar.com&t=1702396438236&de=15009374249&cu=1702396438236&m=618&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=119&lg=1&lh=12&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1217%3A1217%3A1043%3A943&aa=0&ad=18&cn=0&gk=18&gl=0&ik=18&ic=18&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=175&cd=175&ah=175&am=175&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000487%3A50005204%3A60023909%3A70014672&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=npa-ar.com&zMoatSubdomain=newsy.npa-ar.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=206701&na=2078659221&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.62.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-62-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 15:53:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:58 GMT
ad468x80.
fundingchoicesmessages.google.com/f/AGSKWxVzHgNrGfe49KUZR2dlEN2X0I-M5xJGMVqhHaLeenNITQedoerAO-SspAjYiJbJxKT8n-p8x-iiTdkAOza-73ucLeFCQwoiAoTuEVuW-1ywH6qC4igNYCtujI0ZMYmunMJLen0-fuwuVBfiJr6CAYWR1xvZY... 		54 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVzHgNrGfe49KUZR2dlEN2X0I-M5xJGMVqhHaLeenNITQedoerAO-SspAjYiJbJxKT8n-p8x-iiTdkAOza-73ucLeFCQwoiAoTuEVuW-1ywH6qC4igNYCtujI0ZMYmunMJLen0-fuwuVBfiJr6CAYWR1xvZYUW3AWMwE4cwMBQamOGn1kTPq-ycgJxD/_/adscripts1./writelayerad.-side-ad._banner_ad_/ad468x80.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxKmWI5tEmdXDH3NrfDDO7eIZ-ACA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e24fe6a0070c6d896784d9bd272533a00fe59ad9b460f3cd0775c6182ce7743e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5oFHJ4qLDfOBJEebMR77ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5oFHJ4qLDfOBJEebMR77ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxKmWI5tEmdXDH3NrfDDO7eIZ-ACA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1289
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24502
x-xss-protection
0
server
cafe
etag
8172479049841164170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 16:32:30 GMT
AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-usl6jGdM8ueC7wDZq_QEnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 15:53:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-usl6jGdM8ueC7wDZq_QEnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://newsy.npa-ar.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C139 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssoFL5bQBKenq-n1ShG6Ao79cUwPQCAvr_-BLGCJzM_fEfP48gewZXr-ziavcj_ESZzMdD_TP4lLMUgOjNhBSuOEszYOHqgHbmc5dUXMfF2JBBJeWhZSER&sig=Cg0ArKJSzI0NA5kcgGqLEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702396437366&rpt=335&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:53:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aluvdoe4mpU3cv2ObMIV2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 15:53:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-aluvdoe4mpU3cv2ObMIV2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://newsy.npa-ar.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ntuD068If2_7o_DX9UIewg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 15:53:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-ntuD068If2_7o_DX9UIewg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://newsy.npa-ar.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RKlInqY-d7VUrc43BH1GkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 15:53:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RKlInqY-d7VUrc43BH1GkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://newsy.npa-ar.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVG8nzTSZMjqG9PGaKgfNC2tGnD5pPsKeEGDUz6YHLZDeLTaqM1Ov8WKZs8wiAdoXDahJIQgQn2wSl645HleoO5k14ZjfYaX3VZfceDSsgqiimTSVounyitJGfrMHkUBn7gWYSTNQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVG8nzTSZMjqG9PGaKgfNC2tGnD5pPsKeEGDUz6YHLZDeLTaqM1Ov8WKZs8wiAdoXDahJIQgQn2wSl645HleoO5k14ZjfYaX3VZfceDSsgqiimTSVounyitJGfrMHkUBn7gWYSTNQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMzk2NDM5LDUxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9uZXdzeS5ucGEtYXIuY29tLyIsbnVsbCxbWzgsImlISERFbG1wRC1nIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
588f09c7e08c0be53c10a73b95f9d9547ae71e29f5ebd3c21bd4c567f521b70a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-42cDxYqQwbZigZD5ToaSiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newsy.npa-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 15:53:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-42cDxYqQwbZigZD5ToaSiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXJ1h06b0RP-ORSwMx8zuEwdErnkgTw_gbQICScmo_r3j6d_E26s-QHnvI7XqOG4PxTt-3C78WFe2Zrb1ej_6qkWOD62NiNcI9YQgiM6Ea_EQLA6U29r9Tp_pWasnBrOWtUiUrvDQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXJ1h06b0RP-ORSwMx8zuEwdErnkgTw_gbQICScmo_r3j6d_E26s-QHnvI7XqOG4PxTt-3C78WFe2Zrb1ej_6qkWOD62NiNcI9YQgiM6Ea_EQLA6U29r9Tp_pWasnBrOWtUiUrvDQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SQkfPqRd9DB-ERSJzMtp-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 15:53:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-SQkfPqRd9DB-ERSJzMtp-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://newsy.npa-ar.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_88fEnMAqXz16hnYN56nE0ZWTDteEW9tx8C_4it-WPxL7iND08TtPOUDKz6SskFyDRFhEUoRkrd46m9VF_BpkNTU1k-6J3GarNhZZ93IfBCSu4i8_xb4t4Yro0hxmfs8oQz2RUA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.iHHDElmpD-g.es5.O/am=wA/d=1/rs=AJlcJMzk8GcH-7RE6cgMeG7R6kUUZTN0qg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nJXHnCIhqnwmIzZt4eLXhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsy.npa-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 15:53:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-nJXHnCIhqnwmIzZt4eLXhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://newsy.npa-ar.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 94F9 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=4121390287&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gPi8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-KA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fnewsy.npa-ar.com&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fnewsy.npa-ar.com&t=1702396438236&de=15009374249&cu=1702396438236&m=1623&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=119&lg=1&lh=12&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1217%3A1217%3A1043%3A943&aa=1&ad=1024&cn=18&gn=1&gk=1024&gl=18&ik=1024&ic=1024&ez=1&co=1024&cp=1015&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1015&cd=175&ah=1015&am=175&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000487%3A50005204%3A60023909%3A70014672&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=npa-ar.com&zMoatSubdomain=newsy.npa-ar.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=1468329793&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.62.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-62-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 15:53:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:59 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 94F9 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1015&tet=1024&fi=1&apd=1216&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=newsy.npa-ar.com&L1id=30000487&L2id=50005204&L3id=60023909&L4id=70014672&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1702396438236&r=15009374249&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=newsy.npa-ar.com&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&bedc=1&nosend&q=5&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.50.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-50-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:53:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:59 GMT
pixel.gif
px.moatads.com/ Frame 94F9 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=4121390287&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gPi8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-KA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fnewsy.npa-ar.com&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fnewsy.npa-ar.com&t=1702396438236&de=15009374249&cu=1702396438236&m=1624&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=119&lg=1&lh=12&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1217%3A1217%3A1043%3A943&aa=1&ad=1024&cn=1024&gn=1&gk=1024&gl=1024&ik=1024&ic=1024&ez=1&co=1024&cp=1015&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1015&cd=1015&ah=1015&am=1015&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000487%3A50005204%3A60023909%3A70014672&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=npa-ar.com&zMoatSubdomain=newsy.npa-ar.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=2126142621&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.62.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-62-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 15:53:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:59 GMT
pixel.gif
px.moatads.com/ Frame 94F9 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=4121390287&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-gPi8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-epp8RG4580cdYQ%3D%3D&sc=1&os=1-KA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fnewsy.npa-ar.com&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fnewsy.npa-ar.com&t=1702396438236&de=15009374249&cu=1702396438236&m=1624&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=119&lg=1&lh=12&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1217%3A1217%3A1043%3A943&aa=1&ad=1024&cn=1024&gn=1&gk=1024&gl=1024&ik=1024&ic=1024&ez=1&co=1024&cp=1015&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1015&cd=1015&ah=1015&am=1015&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000487%3A50005204%3A60023909%3A70014672&bo=googleads.g.doubleclick.net&bd=160x600&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=160x600&zMoatDomain=npa-ar.com&zMoatSubdomain=newsy.npa-ar.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=222185251&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.62.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-62-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 15:53:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:53:59 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 94F9 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1015&tet=4836&fi=1&apd=5028&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=newsy.npa-ar.com&L1id=30000487&L2id=50005204&L3id=60023909&L4id=70014672&S1id=googleads.g.doubleclick.net&S2id=160x600&ord=1702396438236&r=15009374249&t=page5&os=1&fi2=1&div1=1&ait=0&zMoatSubdomain=newsy.npa-ar.com&zMoatIMPID=uX11VIB1bYllXuLOkYR2YZUJZ-is258itqRRjQ&bedc=1&nosend&q=6&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.50.25 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-50-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.ads.us-west.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 15:54:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 15:54:03 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery object| a4h_js_vars function| calcAdminbarOffset function| jQueryBridget function| EvEmitter object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded function| gtag object| dataLayer object| google_tag_manager number| headerOffset function| onYouTubeIframeAPIReady object| twemoji object| wp object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Y2ZkOGQ5ZDk0MmY0YWVmZGxvYWRlcl9qcw== string| Y2ZkOGQ5ZDk0MmY0YWVmZGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag object| google_image_requests boolean| e240e4e1-01a8-436b-babb-01654c993d78 object| _google_rum_ns_ undefined| google_rum_values

9 Cookies

Domain/Path Name / Value
.npa-ar.com/ Name: _ga_SZQR7EM7CF
Value: GS1.1.1702396436.1.0.1702396436.0.0.0
.npa-ar.com/ Name: _ga
Value: GA1.1.408590160.1702396436
.npa-ar.com/ Name: __gads
Value: ID=cf377ea0e7fa1718:T=1702396436:RT=1702396436:S=ALNI_MaKhzcnJ98g5Lf7jabEON6lVzXhDg
.npa-ar.com/ Name: __gpi
Value: UID=00000da8ccf42120:T=1702396436:RT=1702396436:S=ALNI_MZiZ4s5ThC7ADg2RM8G-g7FWbDwaA
.doubleclick.net/ Name: IDE
Value: AHWqTUmnwAHs7I3Wc34QVjszrpRckvJ7vBCLCYmvqxStHOKsPtslDoee3l8lgCUSdjg
.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%22E50A7D5E-E71F-48DD-9B00-B91637BCCB15%22%7D
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.npa-ar.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9b1wBGImYrI2NMAOP5R6kppG7HokP3x41ydacpgdcHORTAf1RS0KDP_mdgK5O_HbsZ92HN7MIunSX7DzQ5QBhjDDcCKyDKDmV09kVODsO4gPX8uhaanxY_woTovOkFfCr8_rzrRBoiIVtyXOkFqMXsj8KBUw%3D%3D%22%5D%5D

2 Console Messages

Source Level URL
Text
violation error URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139)
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
mb.moatads.com
new.npa-ar.com
news.npa-ar.com
newsy.npa-ar.com
pagead2.googlesyndication.com
px.moatads.com
rtb.ads.us-west.travelaudience.com
static.travelaudience.com
tpc.googlesyndication.com
travel198849194933.s.moatpixel.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npa-ar.com
z.moatads.com
129.80.52.16
172.253.62.154
184.31.50.25
184.31.62.25
2606:4700:3031::6815:fcd
2606:4700:3036::ac43:a438
2606:4700::6811:180e
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::84
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::8a
2607:f8b0:4004:c1b::93
2607:f8b0:4004:c1d::8a
2607:f8b0:4004:c1d::9c
2607:f8b0:4004:c1f::61
2607:f8b0:4004:c1f::9c
35.236.111.14
35.244.170.237
0a90312fefe9f75b6b8556c7890d4abe9908d92efdf75af65d1a192d19ecc879
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
100cb93c46eec2a8900166932e5be20504320cb310a5ec5dff75bcad1d34fd55
14ac42c67e9c07d1bad8bea9bab6232b82686aaf15c253a6a85c455ef8a4e1e8
155698f74eefce30a32ab5cb895d6d9426bf6e0237abad5d8ed79fe453d1b246
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
195e8477d09f2cb72a658301e339cc931b55ad134ed59d65f1ad7fea9aa0520e
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
23af37c238db1f35002c67ffb4ed1cab7a208eb1fea456867fa5a397dffa3b3a
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32226bc104134cd5b411d58d5539cd49e20074a2c1e0ab86ec272d755ed228bb
32dd298ca028d53286d1af7858275a151acfd28e66f94ec55827c7df396b856f
33f60cddb8e95752d5f94d0bfbbd7389cfc1ce6ccdc427337e5b710993db8718
3796a6aa057eb4a0aaa1de935cc95b1250f8eaa4f790e9c5896a60d29b60394b
3b25129aeffb8db31cc9d2e0d64d9093e09e38ac820b31fdb875fa59b944a857
3c13e191e7e8caf6b1ce1bfc91659268705deae4739ece88d794a1cece629718
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41e96007a2551be8d9bd02d201a85026707da11e15aedd7a1f15617bf84cb397
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
46fca6dc6e672a29d25c9bf87c1402e9ba22990aa214ab0d8c848fdc40862df6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
588f09c7e08c0be53c10a73b95f9d9547ae71e29f5ebd3c21bd4c567f521b70a
5adac4239779654faa206ed1af2a8623dd1399f1afd8be8b8dcb904342ad7918
5b023b1d27287f33aa24ac8f77d5d5f2ca9688eba142a9656927bbd778894614
5c398332ec8c1b24291b9b25ce82846f8fce6e1b0b6fc16cfa91e7e939341e98
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d791ce5dac426e6f09e019b704a5bb8d7bba3da761c1a54d9c506760682ddc8
60475c955eceb3ae9f485b265cf01faabc87eb86dd122678966d094e54c96a5f
6048295087d54416739bad1466785885c003f8c3c98552454d1b7ed593050d9b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9
627158b0d1c11f836661088237a074abb33ad4b6b595d1d85ed2a287b1d04091
656c13a17ddd671fff5c5b81cbcd04809947a1d7a9dbf900a3c35ebc72e8b193
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3bc5925e6fbcefa6743b0b72e622d27ed9b6305af87e5a073b50643c1cc352
6f56ce4338e30517753626db01341945a8a5597a939116cef3d8739608cbeb59
7299925e59a4ecd27d6771f377a48fc157df51655cd7d67b5ba13982291e7093
7c9e9d369b235905c32e3ae399f4499cc30e60a1180be631d548ca2f98099ac1
8042c4882acd75919e0e9247fa914b5cd715fd157caa78462c8982989bbd66f6
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d879f0031373abada18300161553b90ebff283bc26e4b86a84fc95c73c69240
8e77ee76ea58ba3a2a994eb5a48ce35efed6b6ba0f722b0f307ac44136e90ecd
90312014d999a914fe05b30fdfd6d5217343b0b29562395b6e8d1b5c41646b9d
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
941c8872d1d2677e2aeee186087d9e9c9886fcf1067ab9541b4ce5138e5480ae
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
bad191f0a21aa3e894ee65aeca70ff5340dbdef5873e3d17866d3e4132702ae5
bdfb0fa1a29bcca7676f3d39951d6e448c72ad3a9cf6525c6dead05a096db08b
c45a8049f68a94c1f68e2dfbd4822a6f789c2e43e5a959d523c4af75c36f673a
c684c470808aee5c4bc84f7437d1268748cd92106476cdc607dd718ab0d24f78
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe350c0f72aeed783d9eeff37ca9b36391334324ef62397b6e1bebaf324e530
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dbbf4b2657fff7b99e88ee318cec9e2a4e353263296231966469a996c3539c44
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
e24fe6a0070c6d896784d9bd272533a00fe59ad9b460f3cd0775c6182ce7743e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e471fc88236ac46741e935032e11c640578197b1f45f15df0cef16eb78edbef1
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
eaf5a1eb2566b095439027b0e55e6e54e80440a15902a8b00ccd1ed4274bc8ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d0262922fb2d07d631a1ffd02f42c0a093a2f41ab4d28de0e236fb50907f57
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63ba96530d176cb3d229a186a5000c30593302b5c93a49c94846748158e6c8b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f91a1043abf86998d28bdd104007b7d4587a45a737462a1ea97e8149e2581274