cytuk.qrehans.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cytuk.qrehans.com/
Submission: On June 16 via api (June 16th 2024, 5:06:45 pm UTC) from US — Scanned from NL

Summary HTTP 288 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 48 IPs in 7 countries across 28 domains to perform 288 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is cytuk.qrehans.com.
TLS certificate: Issued by WE1 on June 11th 2024. Valid for: 3 months.

This is the only time cytuk.qrehans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::347	54113 (FASTLY) (FASTLY)
94	151.101.2.62 151.101.2.62	54113 (FASTLY) (FASTLY)
12	151.101.130.62 151.101.130.62	54113 (FASTLY) (FASTLY)
11	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
1	18.172.112.107 18.172.112.107	16509 (AMAZON-02) (AMAZON-02)
47	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
4	2600:9000:223... 2600:9000:223f:5600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	18.244.18.38 18.244.18.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	3.161.77.50 3.161.77.50	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2600:9000:275... 2600:9000:275d:ee00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.238.243.129 18.238.243.129	16509 (AMAZON-02) (AMAZON-02)
10	35.155.115.241 35.155.115.241	16509 (AMAZON-02) (AMAZON-02)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.28.88.244 184.28.88.244	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 _) (CDN77 _)
5	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	18.239.88.34 18.239.88.34	16509 (AMAZON-02) (AMAZON-02)
1	2.19.217.101 2.19.217.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.215.52 199.232.215.52	54113 (FASTLY) (FASTLY)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
7	34.149.193.192 34.149.193.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:48f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:730... 2600:1f18:730:b150:e4d6:9677:b997:f53c	14618 (AMAZON-AES) (AMAZON-AES)
1	35.171.216.113 35.171.216.113	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::6816:48ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	52.5.81.134 52.5.81.134	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
10	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
4	151.101.194.62 151.101.194.62	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:1f18:1ac... 2600:1f18:1aca:4280:1ba5:6bde:5c8e:bd09	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
288	48

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cytuk.qrehans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::347 (United States)

ASN54113 (FASTLY, US)

polyfill-fastly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 151.101.2.62 (San Francisco, United States)

ASN54113 (FASTLY, US)

cpt-static.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.usatoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.130.62 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.usatoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
atoms.usatoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.112.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-107.fra60.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
display.bidder.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:5600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.244.18.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-38.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.77.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-77-50.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:ee00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-129.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.155.115.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-115-241.us-west-2.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.28.88.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-88-244.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

topics.authorizedvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.239.88.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-88-34.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.215.52 (United States)

ASN54113 (FASTLY, US)

apv-launcher.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.149.193.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.193.149.34.bc.googleusercontent.com

traxex.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48f0 (United States)

ASN13335 (CLOUDFLARENET, US)

snippet.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:e4d6:9677:b997:f53c (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.216.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-216-113.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:48ae (United States)

ASN13335 (CLOUDFLARENET, US)

counter.snackly.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.81.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-81-134.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0698c99672e8649c1c16907a6665e5d7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.62 (San Francisco, United States)

ASN54113 (FASTLY, US)

hlsmedia.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:1aca:4280:1ba5:6bde:5c8e:bd09 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
97	gannettdigital.com cpt-static.gannettdigital.com — Cisco Umbrella Rank: 42603 traxex.gannettdigital.com — Cisco Umbrella Rank: 14767	644 KB
61	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 885 pm-widget.taboola.com — Cisco Umbrella Rank: 3710 display.bidder.taboola.com — Cisco Umbrella Rank: 3773 trc.taboola.com — Cisco Umbrella Rank: 702 am-trc-events.taboola.com — Cisco Umbrella Rank: 17983 images.taboola.com — Cisco Umbrella Rank: 1559 pips.taboola.com — Cisco Umbrella Rank: 1698 cds.taboola.com — Cisco Umbrella Rank: 1785	866 KB
18	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 4998 static.adsafeprotected.com — Cisco Umbrella Rank: 694 pixel.adsafeprotected.com — Cisco Umbrella Rank: 773 dt.adsafeprotected.com — Cisco Umbrella Rank: 684	128 KB
16	gannett-cdn.com www.gannett-cdn.com — Cisco Umbrella Rank: 14144 api.gannett-cdn.com — Cisco Umbrella Rank: 52682 hlsmedia.gannett-cdn.com — Cisco Umbrella Rank: 19880	4 MB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136 0698c99672e8649c1c16907a6665e5d7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 172	259 KB
11	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 351 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 733 aax.amazon-adsystem.com — Cisco Umbrella Rank: 494	84 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	231 KB
7	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 663 gum.criteo.com — Cisco Umbrella Rank: 501	2 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 stats.g.doubleclick.net — Cisco Umbrella Rank: 132 googleads.g.doubleclick.net — Cisco Umbrella Rank: 63	177 KB
4	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4160 rp.liadm.com — Cisco Umbrella Rank: 1270 rp4.liadm.com — Cisco Umbrella Rank: 5799 i.liadm.com — Cisco Umbrella Rank: 575	38 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 188	3 KB
4	usatoday.com user.usatoday.com Failed www.usatoday.com — Cisco Umbrella Rank: 18572 atoms.usatoday.com — Cisco Umbrella Rank: 48230	42 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 751	31 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 538	138 KB
2	snackly.co counter.snackly.co — Cisco Umbrella Rank: 7074	287 B
2	minute.ly apv-launcher.minute.ly — Cisco Umbrella Rank: 5626 snippet.minute.ly — Cisco Umbrella Rank: 9341	40 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3743 p1.parsely.com — Cisco Umbrella Rank: 2578	21 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2005	158 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 348	17 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1746	405 B
1	authorizedvault.com topics.authorizedvault.com — Cisco Umbrella Rank: 8354
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 601
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1328	17 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 135	19 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	91 KB
1	polyfill-fastly.io polyfill-fastly.io — Cisco Umbrella Rank: 15608	361 B
1	qrehans.com cytuk.qrehans.com atoms.qrehans.com Failed	43 KB
288	28

	Domain	Requested by
90	cpt-static.gannettdigital.com	cytuk.qrehans.com cpt-static.gannettdigital.com
16	trc.taboola.com	cdn.taboola.com
12	images.taboola.com
12	cdn.taboola.com	cpt-static.gannettdigital.com cdn.taboola.com www.gannett-cdn.com
11	am-trc-events.taboola.com
11	cdn.cookielaw.org	cytuk.qrehans.com cdn.cookielaw.org
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net imasdk.googleapis.com cytuk.qrehans.com pagead2.googlesyndication.com
10	pixel.adsafeprotected.com	cytuk.qrehans.com cdn.adsafeprotected.com
9	www.gannett-cdn.com	cytuk.qrehans.com cpt-static.gannettdigital.com
7	traxex.gannettdigital.com	cpt-static.gannettdigital.com
7	aax.amazon-adsystem.com	c.amazon-adsystem.com
6	display.bidder.taboola.com	www.gannett-cdn.com
5	bidder.criteo.com	www.gannett-cdn.com
5	securepubads.g.doubleclick.net	cpt-static.gannettdigital.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	hlsmedia.gannett-cdn.com	cpt-static.gannettdigital.com
4	sb.scorecardresearch.com	1 redirects cytuk.qrehans.com
4	static.adsafeprotected.com	cpt-static.gannettdigital.com pixel.adsafeprotected.com cytuk.qrehans.com
3	dt.adsafeprotected.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com cytuk.qrehans.com
3	www.usatoday.com	cpt-static.gannettdigital.com www.usatoday.com www.gannett-cdn.com
3	api.gannett-cdn.com	cpt-static.gannettdigital.com
3	c.amazon-adsystem.com	cpt-static.gannettdigital.com c.amazon-adsystem.com
2	static.criteo.net	www.gannett-cdn.com static.criteo.net
2	imasdk.googleapis.com	cpt-static.gannettdigital.com imasdk.googleapis.com
2	counter.snackly.co	snippet.minute.ly
2	gum.criteo.com	cdn.taboola.com static.criteo.net
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	www.google-analytics.com	www.usatoday.com www.google-analytics.com
2	cdn.confiant-integrations.net	cpt-static.gannettdigital.com cdn.confiant-integrations.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	s0.2mdn.net	imasdk.googleapis.com
1	0698c99672e8649c1c16907a6665e5d7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	i.liadm.com	b-code.liadm.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	snippet.minute.ly	apv-launcher.minute.ly
1	p1.parsely.com	cytuk.qrehans.com
1	region1.google-analytics.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	apv-launcher.minute.ly	cdn.taboola.com
1	a.teads.tv	www.gannett-cdn.com
1	topics.authorizedvault.com	www.gannett-cdn.com
1	ads.pubmatic.com	www.gannett-cdn.com
1	secure.cdn.fastclick.net	cytuk.qrehans.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	b-code.liadm.com	www.usatoday.com
1	www.googleadservices.com	www.usatoday.com
1	cdn.parsely.com	www.usatoday.com
1	www.googletagmanager.com	www.usatoday.com
1	atoms.usatoday.com	cpt-static.gannettdigital.com
1	cdn.adsafeprotected.com	cpt-static.gannettdigital.com
1	polyfill-fastly.io	cytuk.qrehans.com
1	cytuk.qrehans.com
0	atoms.qrehans.com Failed	atoms.usatoday.com
0	user.usatoday.com Failed	cpt-static.gannettdigital.com
288	57

This site contains links to these domains. Also see Links.

Domain
holidaymarketplace.usatoday.com
www.usatoday.com
www.facebook.com
twitter.com
help.usatoday.com
cm.usatoday.com
www.gannett.com
www.twitter.com
go.snapchat.com
www.instagram.com
www.linkedin.com
www.pinterest.com
www.onetrust.com
popup.taboola.com
www.verisure.nl
track.constant-track.com
www.alarmsysteem-samenstellen.nl

Subject Issuer	Validity	Valid
qrehans.com WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
polyfill-fastly.net Certainly Intermediate R1	`2024-06-02` - `2024-07-02`	a month	crt.sh
usatoday.com R3	`2024-05-28` - `2024-08-26`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.adsafeprotected.com Amazon RSA 2048 M03	`2024-04-21` - `2025-05-19`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.googleadservices.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2024-02-28` - `2025-03-29`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
1657490710.rsc.cdn77.org E5	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.bidder.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-12` - `2024-12-12`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2024-07-10`	3 months	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.minute.ly R3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.gannettdigital.com R3	`2024-06-05` - `2024-09-03`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
minute.ly E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
snackly.co E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
gannettinnovation.com R3	`2024-05-30` - `2024-08-28`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-25` - `2024-07-19`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M03	`2024-04-25` - `2025-05-23`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://cytuk.qrehans.com/
Frame ID: DFA000D2688FA1AAC4A6A8DE0AA4B5FB
Requests: 331 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 0B7842DD2D7F5BEE6FDF64AB7105821A
Requests: 1 HTTP requests in this frame

Frame: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Frame ID: 6AD4B1EF9FFCD21915AA3B36FBD705EB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 11657C7CF6773F486AF12FABED54DFAA
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01aa?duid=f1ebb61b416b--01j0h07qzyzssf3cfaja1f97er&euns=0&s=&gpp_s=DBABBg~BUoAAAKA.QA&gpp_as=8&version=v2.14.3&cd=.qrehans.com
Frame ID: E67BD116542AD4A8F8ED1D7B1A568FFE
Requests: 1 HTTP requests in this frame

Frame: https://0698c99672e8649c1c16907a6665e5d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 634CCCC4B921532EE9487AC1CF619A1A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.646.1_en.html
Frame ID: 53EDF9CD91C1B80BCD87079D36187404
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DA9E77D612B39C95EEDFF2D3FFDF2739
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01D6591DE0D03BFEC387235D13AB8753
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstW8l8VvUWe9CMr7ADz8WzPlaFRwo7ZRXXsM9TRWluLNp2OlUWkAaA-Rz9rD_dBJk_Db4_dnnGn_dapH4mpvveRqGZ4N39O-jXSol_qCYaDvQsm22YSgN3YXeQjsjn7-9lnTVsGp_ZVW_xoQmwg7GlqvWh96Bmb445ez28JKJzN-JGAw83PcpS9ML0uC2lQopeE3YqLrD4XlW9vqyTK6Meal3f_y53m5St4cGZDMrgemnjSADkjSM6ji74YYBZynMi6BBQRY8SkyhFUvXybfCMjP1JWkGv9ulQjtr8SA0xSdBXghdFK5Wd8m6h9qawd5Ol5C3Lpd9JWEvbXi13YCeDWnZpMek8h77bH2rfbQluBC90h4JubQlsQRAP6ckHcnNyH9gol0HYDgeHJ-qkPkm1IzV2k9gdvXVdW&sig=Cg0ArKJSzEAP30PECc0fEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: A501A585C6236C26499E729DAB0193B9
Requests: 9 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x250&pubId=13220208&chanId=21828218001&placementId=6696889610&pubCreative=138469914919&pubOrder=3532696752&cb=953615724&adsafe_par&impId=caff72f5-2c02-11ef-b54c-0a6d20ac7927&custom2=direct&custom3=story
Frame ID: FD70E862869853653FFE2F3F31DEDBF0
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 41CC1EAC91923924C54708E862A47A55
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=cytuk.qrehans.com&gpp=DBABBg~BUoAAAKA.QA&gpp_sid=8
Frame ID: 3BB4A5F3BBC338D067E4633016BFA0FB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/scripts/prebid_iframe_sync.html?gpp=%5Bobject%20Object%5D
Frame ID: 812081B4DA94370D5BF50523D867CD4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Healthy eating: How to eat healthy for a healthy weight and lifestyle

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

288
Requests

95 %
HTTPS

40 %
IPv6

28
Domains

57
Subdomains

48
IPs

7
Countries

7432 kB
Transfer

14946 kB
Size

34
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: https://holidaymarketplace.usatoday.com/
Title: Holidays

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/comics/
Title: Comics

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/life/womankind/
Title: Womankind

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/staff/11795921002/daryl-austin/
Title: Daryl Austin

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/2023/04/23/what-is-healthiest-oil-cooking/11668161002/
Title: healthy eating

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/2023/04/09/what-is-the-healthiest-rice/11615353002/
Title: one's first healthy eating goal

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/food-dining/2023/01/20/what-is-the-healthiest-low-calorie-cheese/10441811002/
Title: healthy foods you also enjoy,

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/2023/03/19/what-is-the-healthiest-vegetable/11367488002/
Title: Use veggies as a snack

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/2023/03/12/what-is-the-healthiest-fruit/11383241002/
Title: fruit

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/health-wellness/2023/04/26/how-much-protein-egg-yolks-whites-and-weight-loss-benefits/11727501002/
Title: protein

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/food-dining/2023/09/03/what-are-the-healthiest-fats/70652341007/
Title: fat

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/news/health/2023/01/21/diets-weight-loss-smart-eating/11070290002/
Title: effect of a fad diet

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/2023/04/02/what-is-the-healthiest-nut/11392199002/
Title: nuts

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/food-dining/2024/01/07/healthiest-way-to-eat-eggs/72000310007/
Title: eggs

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/news/nation-now/2017/06/16/coconut-oil-isnt-healthy-its-never-been-healthy/402719001/
Title: coconut oils

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/food-dining/2023/03/26/what-is-the-healthiest-fast-food/11467771002/
Title: fast-food places.

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/health-wellness/2023/08/18/is-sea-salt-good-for-you-which-salt-is-the-healthiest/70449886007/
Title: sodium

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/food-dining/2023/09/03/what-are-the-healthiest-fats/70652341007/#:~:text=According%20to%20the%20Dietary%20Guidelines,stroke%20and%20type%202%20diabetes.
Title: healthy fats

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/life/food-dining/2023/07/02/what-is-the-healthiest-meat/70350561007/
Title: meat

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=215046668549694&redirect_uri=https://cytuk.qrehans.com/&link=https://www.usatoday.com/story/life/health-wellness/2023/04/28/how-eat-healthy-tips-healthiest-foods-and-unhealthy-ones-avoid/11758541002/&name=Tips%20for%20healthy%20eating%3A%20Experts%20say%20take%20baby%20steps%2C%20keep%20recipes%20simple
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Tips%20for%20healthy%20eating%3A%20Experts%20say%20take%20baby%20steps%2C%20keep%20recipes%20simple%20https://www.usatoday.com/story/life/health-wellness/2023/04/28/how-eat-healthy-tips-healthiest-foods-and-unhealthy-ones-avoid/11758541002/%20via%20@usatoday
Title: Twitter

Search URL Search Domain Scan URL

URL: https://help.usatoday.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://cm.usatoday.com/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://cm.usatoday.com/about-your-subscription/
Title: Subscription Terms & Conditions

Search URL Search Domain Scan URL

URL: https://cm.usatoday.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/sitemap/
Title: Site Map

Search URL Search Domain Scan URL

URL: http://cm.usatoday.com/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://cm.usatoday.com/ethical-conduct/
Title: Our Ethical Principles

Search URL Search Domain Scan URL

URL: https://www.gannett.com/responsible-disclosure-program/
Title: Responsible Disclosure

Search URL Search Domain Scan URL

URL: http://cm.usatoday.com/your-privacy-choices/
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://www.facebook.com/usatoday

Search URL Search Domain Scan URL

URL: https://www.twitter.com/usatoday

Search URL Search Domain Scan URL

URL: https://go.snapchat.com/add/usatoday

Search URL Search Domain Scan URL

URL: https://www.instagram.com/usatoday

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/usa-today

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/usatoday/

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/videos/news/politics/2024/06/14/white-house-bashes-claims-joe-biden-lost-g7-event/74098603007/

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=usatodaydemo&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.verisure.nl/lp/calculator-nl/
Title: Verisure®

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/videos/sports/boxing/2024/06/12/highlights-from-tank-davis-vs-frank-martin-presser/74078198007/

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/entertainment/celebrities/2024/06/02/rupert-murdoch-wedding-married-elena-zhukova/73948520007/

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/news/politics/2024/06/11/hunter-biden-prosecution-jury-waste-of-taxpayer-dollars/74064113007/

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/videos/sports/2024/06/12/rory-mcilroy-divorce-called-off-couple-resolve-differences-golf/74067627007/

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/news/nation/2024/06/15/southern-baptists-votes-on-women-in-vitro-fertilization-at-meeting/74108180007/

Search URL Search Domain Scan URL

URL: https://track.constant-track.com/a72cb867-6449-4241-9db9-226843f85afa
Title: trapliften | Zoek Advertenties

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=usatodaydemo&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.alarmsysteem-samenstellen.nl/test-een-alarmsysteem/
Title: Alarmsysteem Samenstellen®

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/videos/money/2024/05/28/5-purchases-you-should-never-put-on-your-credit-card/73190964007/

Search URL Search Domain Scan URL

URL: https://www.usatoday.com/story/sports/golf/2024/06/11/rory-mcilroy-calls-off-divorce-wife-erica-stoll/74065152007/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://sb.scorecardresearch.com/cs/6035223/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 176

https://rp.liadm.com/j?dtstmp=1718557597821&aid=a-01aa&se=e30&duid=f1ebb61b416b--01j0h07qzyzssf3cfaja1f97er&tv=v2.14.3&pu=https%3A%2F%2Fcytuk.qrehans.com%2F&wpn=lc-bundle&gpp_s=DBABBg~BUoAAAKA.QA&gpp_as=8&cd=.qrehans.com&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Ik1hbnkgcGVvcGxlIHdvbmRlciBob3cgdG8gZWF0IGhlYWx0aHkuIEV4cGVydHMgb2ZmZXIgdGlwcyBhbmQgb3V0bGluZSB0aGUgaGVhbHRoaWVzdCBmb29kcywgdW5oZWFsdGhpZXN0IGZvb2RzIGFuZCBob3cgdG8gZ2V0IHN0YXJ0ZWQuIj48dGl0bGU-SGVhbHRoeSBlYXRpbmc6IEhvdyB0byBlYXQgaGVhbHRoeSBmb3IgYSBoZWFsdGh5IHdlaWdodCBhbmQgbGlmZXN0eWxlPC90aXRsZT48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L2xpZmUvaGVhbHRoLXdlbGxuZXNzLzIwMjMvMDQvMjgvaG93LWVhdC1oZWFsdGh5LXRpcHMtaGVhbHRoaWVzdC1mb29kcy1hbmQtdW5oZWFsdGh5LW9uZXMtYXZvaWQvMTE3NTg1NDEwMDIvIj48aDEgY2xhc3M9ImRpc3BsYXktMiIgc3R5bGU9ImZvbnQtc2l6ZToxOHB4O2xpbmUtaGVpZ2h0OjIxcHgiPlRpcHMgZm9yIGhlYWx0aHkgZWF0aW5nOiBFeHBlcnRzIHNheSB0YWtlIGJhYnkgc3RlcHMsIGtlZXAgcmVjaXBlcyBzaW1wbGU8L2gxPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPg HTTP 302
https://rp4.liadm.com/j?se=e30&duid=f1ebb61b416b--01j0h07qzyzssf3cfaja1f97er&aid=a-01aa&cd=.qrehans.com&dtstmp=1718557597821&tv=v2.14.3&wpn=lc-bundle&gpp_as=8&i6=MmEwMDoxNjMwOjI6MWMwMjo6Mw%3D%3D&n3pc=true&gpp_s=DBABBg~BUoAAAKA.QA&pu=https%3A%2F%2Fcytuk.qrehans.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Ik1hbnkgcGVvcGxlIHdvbmRlciBob3cgdG8gZWF0IGhlYWx0aHkuIEV4cGVydHMgb2ZmZXIgdGlwcyBhbmQgb3V0bGluZSB0aGUgaGVhbHRoaWVzdCBmb29kcywgdW5oZWFsdGhpZXN0IGZvb2RzIGFuZCBob3cgdG8gZ2V0IHN0YXJ0ZWQuIj48dGl0bGU-SGVhbHRoeSBlYXRpbmc6IEhvdyB0byBlYXQgaGVhbHRoeSBmb3IgYSBoZWFsdGh5IHdlaWdodCBhbmQgbGlmZXN0eWxlPC90aXRsZT48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L2xpZmUvaGVhbHRoLXdlbGxuZXNzLzIwMjMvMDQvMjgvaG93LWVhdC1oZWFsdGh5LXRpcHMtaGVhbHRoaWVzdC1mb29kcy1hbmQtdW5oZWFsdGh5LW9uZXMtYXZvaWQvMTE3NTg1NDEwMDIvIj48aDEgY2xhc3M9ImRpc3BsYXktMiIgc3R5bGU9ImZvbnQtc2l6ZToxOHB4O2xpbmUtaGVpZ2h0OjIxcHgiPlRpcHMgZm9yIGhlYWx0aHkgZWF0aW5nOiBFeHBlcnRzIHNheSB0YWtlIGJhYnkgc3RlcHMsIGtlZXAgcmVjaXBlcyBzaW1wbGU8L2gxPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPg

288 HTTP transactions
65 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cytuk.qrehans.com/ 159 KB
43 KB 279ms
217ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

107b436a586593db2da55491059067936714125a9c8289969db71402fcf58af4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 1101954
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894c6430df910e32-AMS
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sun, 16 Jun 2024 17:06:36 GMT
gannett-debug-path: region: west ---> region: east
gannett-debug-path-full: restarts: 0 ttl: 2551315.000 shield: false server: cache-ams21059-AMS path: region: west >>>> restarts: 0 ttl: 2592000.000 shield: true server: cache-fra-etou8220079-FRA path: region: west ---> region: east
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZI268LxPBDQRVMqY%2Fve8Y5sOAjILoJ0uOFNevQu1dIqBE%2BWTQPYNbqCvApJpL%2BJGZc0hfC5rTe4p8ycXv3TKVfWu95P1UmWv9uv4WHqAEOL9bI5owpIrraiffJWuUsl%2BikOi%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=600
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 8, 0
x-robots-tag: noindex, nofollow
x-served-by: cache-fra-eddf8230141-FRA, cache-ams21034-AMS
x-timer: S1718557596.490769,VS0,VE1

GET
H2 200 polyfill.min.js Show response
polyfill-fastly.io/v2/ 103 B
361 B 72ms
23ms Script
text/javascript 2a04:4e42:600::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill-fastly.io/v2/polyfill.min.js?features=default,fetch,Array.prototype.find,IntersectionObserver,IntersectionObserverEntry,Intl,Intl.~locale.en-US
Requested by: Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: br
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: none
x-served-by: cache-bru1480053-BRU

GET
H2 200 gallium.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 12 KB
4 KB 249ms
164ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c78bc090b97cab3c5ec5d6700f4eeed3d08abeb910b3f057384d9c9e555a9f5f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3563
x-served-by: cache-iad-kiad7000151-IAD, cache-iad-kiad7000151-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.614554,VS0,VE146
etag: "18a3a49e19ff58eeb17f8ed9a33f1d54"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 custom-elements-es5-adapter.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 938 B
1 KB 218ms
134ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/custom-elements-es5-adapter.js

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 493
x-served-by: cache-iad-kcgs7200154-IAD, cache-iad-kcgs7200021-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557597.614398,VS0,VE116
etag: "8af5f1900788253d8384715a01425ab7"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 story.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/ 473 KB
113 KB 249ms
165ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

84635bb1a39f7457cda6c6fcea210710172839676a6d9abbd4716ac8ed9f886b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 115000
x-served-by: cache-iad-kcgs7200125-IAD, cache-iad-kcgs7200119-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.614384,VS0,VE148
etag: "7273b608682a5df56f36570c2f3749aa"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 8029093b-3ed7-43bf-be9d-153c9ecf1b9b-VPC_PBJ_NUTRITION_DESK_THUMB.jpg
www.gannett-cdn.com/presto/2021/10/22/USAT/ 85 KB
86 KB 265ms
186ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2021/10/22/USAT/8029093b-3ed7-43bf-be9d-153c9ecf1b9b-VPC_PBJ_NUTRITION_DESK_THUMB.jpg

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c746eebbd1f5dc683fe46da064c013b83da7821ec65cd410f094bec6ec1c2ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by: img28-us-east1
age: 1932483
x-cache: MISS, HIT, MISS
fastly-stats: io=1
content-length: 87142
etag: "qTfT8D/tCChYvFBZmuS0n/eaYmL0uMcCq15DH8H9/jM"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-checksum-crc32c: uighmA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 25, 0

GET
H2 200 icon-play-alt-white.svg
www.gannett-cdn.com/appservices/universal-web/universal/icons/ 943 B
1 KB 98ms
18ms Image
image/svg+xml 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/appservices/universal-web/universal/icons/icon-play-alt-white.svg

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de90e56c63d2b963ccc54a00aba3ce82287605c37544a2a43b5a5f2fea65570c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-goog-reserved-posix-uid: 1001
content-encoding: gzip
date: Sun, 16 Jun 2024 17:06:36 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 984375
x-amz-meta-goog-reserved-file-mtime: 1491597132
content-security-policy: upgrade-insecure-requests
x-cache: MISS, HIT, HIT
content-length: 418
last-modified: Thu, 22 Jun 2017 14:22:15 GMT
x-amz-meta-goog-reserved-posix-mode: 775
etag: "e944048e514f4aba0994b98cff33e012"
x-amz-meta-goog-reserved-posix-gid: 1003
vary: Accept-Encoding
x-amz-meta-goog-reserved-file-atime: 1498140858
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=2592000
x-amz-checksum-crc32c: BLfURQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 12589, 41

GET
H2 200 icon-instagram_24.png
www.gannett-cdn.com/appservices/universal-web/universal/icons/ 1 KB
1 KB 18ms
18ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/appservices/universal-web/universal/icons/icon-instagram_24.png

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3ee14ab9c91eaa98c77adab568df55da8db6fe9aa701e9a869506c3732cea15e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-goog-reserved-posix-uid: 1001
date: Sun, 16 Jun 2024 17:06:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1739021
x-amz-meta-goog-reserved-file-mtime: 1488574391
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 1282
x-amz-meta-goog-reserved-posix-mode: 775
etag: "uSuq4OktWUBuZ6Ky1xqRyjuZ7aQok8p96UxbhlJIBu8"
x-amz-meta-goog-reserved-file-atime: 1498140858
vary: Accept
x-amz-meta-goog-reserved-posix-gid: 1003
content-type: image/webp
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=2592000
x-amz-checksum-crc32c: v7Zl2A==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11947, 63

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 66ms
29ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OKrCs7nhvutcs03VCUskmw==
age: 5527
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:30 GMT
server: cloudflare
etag: 0x8DC8B517E123FAA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ae3a10ff-301e-004b-7bac-bda210000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894c64328dc91c94-AMS

GET
H2 200 webcomponents-loader.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 4 KB
2 KB 140ms
140ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-loader.js

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f3ed53279a8da1ed394cec205e6bcfefa5b5a97509dba76d139f0991c22fca5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1524
x-served-by: cache-iad-kjyo7100134-IAD, cache-iad-kjyo7100141-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557597.751408,VS0,VE123
etag: "596ad3dc06dfb78ecdc6bcee1d653f04"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 5eaec3d6-175d-498f-a6a7-ec66eb9b9673.json Show response
cdn.cookielaw.org/consent/5eaec3d6-175d-498f-a6a7-ec66eb9b9673/ 6 KB
3 KB 106ms
71ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5eaec3d6-175d-498f-a6a7-ec66eb9b9673/5eaec3d6-175d-498f-a6a7-ec66eb9b9673.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

508c24848739b8219fd947eecabf6b5a388049479593890c5f5d9d0aae0f2bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: URqOoNWxUMQhX8WMuf4ZIw==
content-length: 2021
x-ms-lease-status: unlocked
last-modified: Fri, 16 Feb 2024 20:07:30 GMT
server: cloudflare
etag: 0x8DC2F2AE79EA99D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 57ca6f03-101e-0031-750f-c0c85d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894c64330a6166b2-AMS
expires: Mon, 17 Jun 2024 17:06:36 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/ 430 KB
105 KB 34ms
33ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ekgyiOgvSPjNzcyXVUS11Q==
age: 83102
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106739
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:28 GMT
server: cloudflare
etag: 0x8DC3E996ED117D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e31c6377-501e-009b-7f34-71f886000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894c6433bf4e1c94-AMS

GET
H2 200 logo-default.svg
www.gannett-cdn.com/gannett-web/properties/usatoday/logos-and-branding/ 2 KB
1 KB 19ms
19ms Image
image/svg+xml 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gannett-web/properties/usatoday/logos-and-branding/logo-default.svg

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4993695f92f4e4c324f9540baa0478cb2fec43cbd86992974d33c2c4289066ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
content-security-policy: upgrade-insecure-requests
age: 1735768
x-amz-meta-goog-reserved-file-mtime: 1521817516
x-cache: MISS, HIT, HIT
content-length: 1052
last-modified: Mon, 18 Feb 2019 22:02:27 GMT
etag: "ae2c69e9cec8f8415c0ff2ab8a30c595"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-checksum-crc32c: NfvTuA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 20570, 14

GET
H2 200 logo-life.svg
www.gannett-cdn.com/gannett-web/properties/usatoday/logos-and-branding/ 3 KB
1 KB 20ms
20ms Image
image/svg+xml 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gannett-web/properties/usatoday/logos-and-branding/logo-life.svg

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d5cfeb60d30441933afb2549dec0cce68fd3a24e26401d54013358a0fa1a158a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
content-security-policy: upgrade-insecure-requests
age: 2194671
x-amz-meta-goog-reserved-file-mtime: 1521817516
x-cache: MISS, HIT, HIT
content-length: 1156
last-modified: Mon, 18 Feb 2019 22:02:27 GMT
etag: "1138ecef98b2accdaf84fc5d150eda28"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-checksum-crc32c: DS+qFQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 2431, 2

GET
H2 200 UnifySans_W_SBd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 17 KB
18 KB 137ms
132ms Font
binary/octet-stream 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_SBd.woff2

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 17876
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kjyo7100097-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.769361,VS0,VE118
etag: "eec61fc37ea7dff16e6503e33ab66949"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 UnifySans_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 16 KB
17 KB 141ms
137ms Font
binary/octet-stream 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Rg.woff2

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 16620
x-served-by: cache-iad-kcgs7200089-IAD, cache-iad-kcgs7200032-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.769759,VS0,VE121
etag: "3813aba0274244941c060a0cba29c5a2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 UnifySans_W_Bd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 18 KB
18 KB 143ms
139ms Font
binary/octet-stream 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Bd.woff2

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 17984
x-served-by: cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200030-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.769605,VS0,VE122
etag: "79f7fee52a3077ef23d7fb327d25836a"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 UnifySerif_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 20 KB
20 KB 138ms
133ms Font
binary/octet-stream 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySerif_W_Rg.woff2

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a960c7b4dd3b532e4c31e866e1236bed2ab577a91ed4d2bd255feb0d18631572

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 20664
x-served-by: cache-iad-kjyo7100038-IAD, cache-iad-kjyo7100171-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.773378,VS0,VE115
etag: "b7f3cbc37e81dca80a0ddc3a6da81245"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 UnifySerif_W_SBd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 20 KB
20 KB 166ms
161ms Font
binary/octet-stream 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySerif_W_SBd.woff2

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a894750a0d7f13755770ebda4cd08d29327207a2a3ff714525cbf6627009590b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 20764
x-served-by: cache-iad-kjyo7100049-IAD, cache-iad-kjyo7100073-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.773366,VS0,VE143
etag: "1f36047001b5ac137b1c3e3c25f53b79"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 partner.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 76 KB
18 KB 182ms
180ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c886b882ceb4e5bbdba54ec96c459c371a659df92f49074172c9bc57f43b3f76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 17355
x-served-by: cache-iad-kcgs7200076-IAD, cache-iad-kcgs7200076-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.786756,VS0,VE162
etag: "6731907bad67eadba3f01aba1c7bbd48"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 utils.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 18 KB
5 KB 135ms
133ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de312c4f4483ba2587917528e7218274b0363fc71a4212467cf41ea5c8a8c286

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 5243
x-served-by: cache-iad-kiad7000105-IAD, cache-iad-kiad7000105-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.786736,VS0,VE115
etag: "0be000b2f7828214d650aa2c76732676"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/5eaec3d6-175d-498f-a6a7-ec66eb9b9673/f6ec091c-dce2-48d9-8c28-70cb316e2fc2/ 151 KB
28 KB 68ms
67ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/5eaec3d6-175d-498f-a6a7-ec66eb9b9673/f6ec091c-dce2-48d9-8c28-70cb316e2fc2/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a464066e4d7f19defe2fdec4add2db9276892a8a9679f2a08893c7db36bf4226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: JSaZPLNBD/h8520h3c6wKA==
content-length: 28093
x-ms-lease-status: unlocked
last-modified: Fri, 16 Feb 2024 20:07:55 GMT
server: cloudflare
etag: 0x8DC2F2AF70E21F7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 53ff1bb7-f01e-005d-170f-c0638e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894c64340b9466b2-AMS
expires: Mon, 17 Jun 2024 17:06:36 GMT

GET
H2 200 otGPP.js Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/ 81 KB
17 KB 36ms
36ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/otGPP.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8126da8bb4af8f970a2acb8640a3c3d7a38bafc2dcbc41fde93fd55473a5de66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: zMjDHhMNQgqbyypFtxjSzA==
age: 81104
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4c766601-f01e-0076-2437-71b3cb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 894c643478751c94-AMS

GET
H2 200 webcomponents-hi.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 11 KB
4 KB 140ms
140ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f65a0f11dfb663a620dde743cab6c8434307b9aedea52c0f4c3f9ba52e5d706

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3650
x-served-by: cache-iad-kiad7000073-IAD, cache-iad-kiad7000073-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557597.893564,VS0,VE122
etag: "2e02d950c1c199919a375acfd1fbc108"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 13 KB
3 KB 65ms
65ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: BhDz7QN6NZvDbVeQXXKKbA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3041
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:21 GMT
server: cloudflare
etag: 0x8DC3E996A8D0BAE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fbdf182a-a01e-004e-0a0f-c0566f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894c6434dc8a66b2-AMS

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/ 62 KB
13 KB 91ms
91ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: +7hvz1DcCYiP/7X0fBpjjw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12694
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:24 GMT
server: cloudflare
etag: 0x8DC3E996BDADDD4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b57b1157-101e-00df-720f-c0c2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894c6434dc8e66b2-AMS

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 21 KB
4 KB 63ms
62ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 69c1a499-a01e-0045-630f-c04e1b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 894c6434dc8f66b2-AMS

GET
H3 200 adx Show response
securepubads.g.doubleclick.net/gampad/ 0
25 B 146ms
69ms XHR
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/adx?tfcd=0&t=position%3Dsponsor_logo%26features%3Dtagless&iu=/7103/usatoday/sponsor_logo/lifestyle/health&sz=300x50&cust_params=aam_props%3Duniversal%7Cdesktop%7Cstory%20pages%26adlabel%3Dnull%26aic%3Di_2%3AHM%2Ci_6%3AL%2Cfs_y%3AHML%2Ca_4%3AHML%2Ced_cg%3AL%2Cms_m%3AL%2Cho_r%3AHML%2Ci_2%3AHML%2Cjs_ic%3AL%2Cem_m%3AH%2Ci_6%3AM%2Ca_5%3AM%2Ced_ad%3AM%2Ci_5%3AHM%2Cem_m%3AM%2Cfs_n%3AHM%2Cem_se%3AHM%2Cms_m%3AHM%2Cem_se%3AHML%2Cfs_y%3AL%2Ced_gs%3AHM%2Ced_hs%3AHML%2Cem_ue%3AHML%2Ci_6%3AHML%2Ca_5%3AHML%2Cem_ue%3AL%2Cjs_ic%3AHML%2Ca_5%3AHM%2Cem_m%3AHM%2Cms_s%3AHM%2Ci_5%3AL%2Cg_F%3AHML%2Cfs_n%3AM%2Cg_F%3AM%2Cg_F%3AL%2Ci_4%3AHML%2Cjs_ic%3AM%2Ced_gs%3AHML%2Ci_4%3AM%2Cem_rt%3AHML%2Cjs_dir%3AHM%2Ci_2%3AM%2Cem_m%3AHML%2Cjs_ic%3AHM%2Ci_5%3AM%2Ced_ad%3AHML%2Ced_ad%3AHM%2Ca_2%3AM%2Ced_hs%3AHM%2Cms_s%3AHML%2Ca_2%3AHML%2Ca_2%3AHM%2Ca_4%3AM%2Cms_m%3AHML%2Ced_gs%3AM%2Cem_rt%3AM%2Cem_rt%3AHM%2Ci_5%3AHML%2Cem_ft%3AM%2Cem_ft%3AHM%2Cg_M%3AL%2Cho_r%3AM%2Cjs_dir%3AM%2Ca_6%3AHML%2Cem_ft%3AHML%2Ci_4%3AHM%2Ced_hs%3AM%2Cms_m%3AM%2Cg_F%3AHM%2Cho_r%3AHM%2Ca_6%3AHM%2Ced_hs%3AL%2Cfs_n%3AHML%2Cjs_dir%3AHML%2Ca_4%3AHM%2Cg_M%3AHML%2Ced_cg%3AHML%2Cho_r%3AH%2Ca_6%3AM%2Cms_s%3AM%2Cem_se%3AM%2Ci_2%3AH%2Ci_6%3AHM%26alerttype%3Dnone%26build%3DDigital%20Renovation%26categoryvalue%3D%26content_category%3Dhealth%2Cnutrition%2Cfood-drink%2Cfood-drink%2Ccooking-recipes%2Chealthy-eating%26contentid%3D11758541002%26cst_section%3Dlifestyle%26cst_subsection%3Dhealth%26cst_topic%3D%26features%3Dnoautoplay%26front%3Dnull%26gnt_sb%3D%26gnt_ub%3D%26navigationType%3Ddirect%26origin%3DUSA%20TODAY%26pageType%3Dstory%26privacy%3DNA%26property%3Dusat%26referrer%3D%26series%3D%26sitepage%3Dusat%2Flife%2Fhealth-wellness%26ssts_section%3Dlife%26ssts_subsection%3Dhealth-wellness%26ssts_subtopic%3D%26ssts_topic%3D%26subsection%3Dhealth-wellness%26topic%3Dhealthy%2Clifestyles%2Cdiet%2Cand%2Cnutrition%2Cnew%2Cyork%2Cuniversity%2Cto%2Cthe%2Cpoint%2Cseo%2Cwellness%2Cjust%2Ccurious%2Coverall%2Cpositive%2Cnutrition%2Cfood%2C%2Cdrink%2Chealthy%2Ceating%2Chealthy-lifestyles%2Cdiet-and-nutrition%2Cnew-york-university%2Cto-the-point%2Cseo-wellness%2Cjust-curious%2Coverall-positive%2Cnutrition%2Cfood-drink%2Chealthy-eating%26variant%3Dad-control%26ss%3Da%2Cnon%26user_traits%3Dcdl_none%26userguid%3D%26utm_props%3D%7C%7C&c=18612688717

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 140ms
63ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

8e3c3fc567e063db25422215fc10b76ee66183dfbf0efb25fbf2a21f2b4a8573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31780
x-xss-protection: 0
server: cafe
etag: 405 / 19890 / 31084605 / config-hash: 2657906958883330822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:06:37 GMT

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/ 258 KB
56 KB 94ms
35ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed50bca7a585b81c0b9573ce8f238b0c5dc249779cfe93390a1bddf8a64f1e7b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: VAQ85KGBT6TM97Z4
age: 662
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 57033
x-amz-id-2: QjgRggOfcIh3+opmwPmG7I4wcxlyNj7GG4p2BoJuQA5XPv6K08VtJxoi/WFg3LaGDXl7ddNpPOPrWtz0nUcHKMmGMpniwn3bjtpKl7lgF00=
last-modified: Sun, 16 Jun 2024 16:43:12 GMT
server: cloudflare
etag: "b0024e6152d2edb12b40ba3aaf287c90"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
cf-ray: 894c64357b739705-AMS

GET
H2 200 pbjsandwich-uw.min.js Show response
www.gannett-cdn.com/partner/vendor/ 289 KB
92 KB 18ms
18ms Script
application/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

495129eb53b44e4d99c5540b43d5a1e5b352917411bcdf164ea4a22edc37036d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2604541
x-cache: MISS, HIT, HIT
content-length: 94408
last-modified: Thu, 08 Feb 2024 20:32:24 GMT
etag: "46a4597d813038f93f37e6cf5cc33ef9"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-language: en
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-checksum-crc32c: 4diubQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 5547, 27

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 308 KB
76 KB 100ms
32ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:54:43 GMT
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2024 21:55:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 715
x-amz-server-side-encryption: AES256
etag: W/"8f94a6a072a070cbb8299e59a43dbe3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: vvqpXoJFYQQhiLU90x3ZgO0YVHiQM7_aCchxqW3ZxMiAmzJaCAXejg==

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 114ms
28ms Script
application/javascript 18.172.112.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 10 Jun 2024 02:01:46 GMT
Content-Encoding: gzip
Via: 1.1 7b2737d1601ba8c676e6f68b6aa113d8.cloudfront.net (CloudFront)
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
Age: 572692
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=604800
Connection: keep-alive
X-Amz-Cf-Id: vrwVfbZOvJ4rmu08E6tdQ4Wpmj408dBdRt8SECkiRtkLaKCxlZWGqA==

GET
H2 200 10 Show response
api.gannett-cdn.com/thorium/popular/USAT/ 5 KB
2 KB 313ms
298ms Fetch
application/json 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/popular/USAT/10?apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz&searchtype=socialReferrals

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a51a6b9505b330a7ba17f38a926ef0382f5d2ca1c957ad4e2975f06aa2352f70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
date: Sun, 16 Jun 2024 17:06:37 GMT
age: 0
x-cache: MISS, MISS, MISS, MISS
content-length: 1295
x-served-by: cache-iad-kcgs7200112-IAD, cache-iad-kcgs7200112-IAD, cache-bru1480076-BRU
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.215_0-c6abf225010118889e6a8a051a326e55
x-timer: S1718557597.990611,VS0,VE280
access-control-max-age: 3628800
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
vary: (null),Origin, Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Origin, Content-Type
x-cache-hits: 0, 0, 0, 0

GET
H2 200 / Show response
api.gannett-cdn.com/argon/navreimagined/usat/top_nav_primary/ 30 KB
6 KB 513ms
498ms Fetch
application/json 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/argon/navreimagined/usat/top_nav_primary/?apiKey=f6YYPA1hPnB9Y9chky5GOmrZKmaguLVh

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9392494b5520552ff58e5340a953485bdb758a5ee0c8f3181f08799ef91fefa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
date: Sun, 16 Jun 2024 17:06:37 GMT
age: 0
x-cache: MISS, MISS, MISS, MISS
content-length: 5428
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kiad7000033-IAD, cache-bru1480076-BRU
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.215_0-c6abf225010118889e6a8a051a326e55
x-timer: S1718557597.990343,VS0,VE481
access-control-max-age: 3628800
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
vary: accept-encoding,Origin, Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
fam-ttl: 120.000
access-control-allow-headers: Origin, Content-Type
x-cache-hits: 0, 0, 0, 0

GET /
user.usatoday.com/USAT-GUP/user/ 0
0

GET
H2 200 / Show response
api.gannett-cdn.com/thorium/breaking-news/ 56 B
464 B 185ms
180ms Fetch
application/json 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/breaking-news/?apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz&site-code=USAT

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

380b59b697189c5e5b22599a8b6ea78be45273dbde8236887d7c140aa11a0ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
date: Sun, 16 Jun 2024 17:06:37 GMT
age: 0
x-cache: MISS, MISS, MISS, MISS
content-length: 65
x-served-by: cache-iad-kcgs7200132-IAD, cache-iad-kiad7000091-IAD, cache-bru1480076-BRU
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.215_0-c6abf225010118889e6a8a051a326e55
x-timer: S1718557597.990745,VS0,VE159
access-control-max-age: 3628800
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
vary: (null),Origin, Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Origin, Content-Type
x-cache-hits: 0, 0, 0, 0

GET
H2 200 main.js Show response
www.usatoday.com/gcdn/dcjs/prod/ 66 KB
20 KB 37ms
27ms Script
application/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usatoday.com/gcdn/dcjs/prod/main.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a4922f420187a455fddadbc388406730eaa05aa0af6ff518664a480cd63a049c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000
age: 158632
x-amz-meta-goog-reserved-file-mtime: 1718398930
x-cache: MISS, HIT, HIT, MISS
content-length: 20357
last-modified: Fri, 14 Jun 2024 21:02:44 GMT
etag: "c78fc3dd943f01527b2e9745b998898c"
vary: Accept,Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-checksum-crc32c: e1iaDg==
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/usatodaydemo/ 854 KB
87 KB 90ms
20ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23d91550a74f26530c40ff852852d88a85c7fe06ef33d1f33e4508759230c140

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KYWEZhYYVsPBH8aaKm6YBSSBy3PH2_f.
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:37 GMT
x-amz-request-id: Y9P282YQC702D28G
age: 3807
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 88226
x-amz-id-2: CkzlesWtMwA+yLnNTInNMjNcU8wFDQ/In75Rdtef3YJfv4yVAL0LbjAEYUxTvoXfhwO61V0LnCM=
x-served-by: cache-bru1480055-BRU
last-modified: Sun, 16 Jun 2024 16:01:55 GMT
server: AmazonS3
x-timer: S1718557597.071799,VS0,VE1
etag: "b060a1bdf26194af4b6b6855845c11f0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 45
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
513 B 56ms
55ms Fetch
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5678dade-b01e-0078-1b0f-c0fb3d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 894c64359d7e66b2-AMS

GET
H2 200 USATODAYNetwork.jpg
cdn.cookielaw.org/logos/5b4b73e5-9c9c-4c5c-82c1-9389c9e42f1c/cf323acf-9f3b-4263-81e2-37e074d74691/f10ff3c7-5d2d-4d22-bdd6-880b683d4c51/ 49 KB
50 KB 44ms
44ms Image
image/jpeg 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/5b4b73e5-9c9c-4c5c-82c1-9389c9e42f1c/cf323acf-9f3b-4263-81e2-37e074d74691/f10ff3c7-5d2d-4d22-bdd6-880b683d4c51/USATODAYNetwork.jpg

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4447a256561b21db18e4de51442d92ed316873151e712e8539830abf816a0d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nvdUjGkutWTeN1mHoG8+9Q==
age: 16108
content-length: 50468
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Mon, 20 Feb 2023 20:20:43 GMT
server: cloudflare
etag: 0x8DB137FF131BB43
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: efc6a5c0-f01e-0014-51c3-4071ec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 894c6435aa3c1c94-AMS

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 38ms
38ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 16 Jun 2024 17:06:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 78467
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jun 2024 02:35:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 9fe52516-d01e-0063-48c4-bdd5af000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 894c6435aa401c94-AMS

GET
H2 200 USAT-TEALIUM-UW.json Show response
www.usatoday.com/gcdn/dcc/prod/ 40 KB
6 KB 25ms
21ms Fetch
application/json 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usatoday.com/gcdn/dcc/prod/USAT-TEALIUM-UW.json

Requested by

Host: www.usatoday.com
URL: https://www.usatoday.com/gcdn/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c2d4a0ba4bd90583967154316491cad9ab4b5768e37efa6042049a2b226067ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000
age: 157508
x-amz-meta-goog-reserved-file-mtime: 1718380301
x-cache: MISS, HIT, HIT, MISS
content-length: 6059
last-modified: Fri, 14 Jun 2024 15:56:13 GMT
etag: "9f274cf776a43b8f38bfd243682d5ce0"
vary: Accept,Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-checksum-crc32c: x8klcg==
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 universal.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/ 25 KB
5 KB 142ms
140ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/universal.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c3568c5c92de21fb413e3ff90c16a2e8b61dfb67477b519e04881199607316f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 5396
x-served-by: cache-iad-kjyo7100045-IAD, cache-iad-kjyo7100133-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.071314,VS0,VE119
etag: "9c377e94a18641436e11f45cd76a6e07"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 polymer.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/ 1 KB
1 KB 141ms
139ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/polymer.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1c3f29b93d961e02766afc79e1fc7e7bf8510ec831d77aabff63e87aea18d8d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 566
x-served-by: cache-iad-kcgs7200111-IAD, cache-iad-kcgs7200111-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.071885,VS0,VE118
etag: "59e5636d674dc205ed0f95606d4ad938"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 story-emphasis.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/story/story-emphasis/ 5 KB
2 KB 144ms
142ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/story/story-emphasis/story-emphasis.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0767e2ab2440f261df5380fa8e42627d602bc78be339b8dbebfc436cc60e139d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1689
x-served-by: cache-iad-kjyo7100145-IAD, cache-iad-kjyo7100071-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.071866,VS0,VE120
etag: "83ade60c22cfa7e210560ad73d9d3654"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 media-video.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/ 61 KB
17 KB 151ms
149ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/media-video.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49a71e81d2d2e307cd33ad81624099c2aa905435a5edf8dddd1a99733de218aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 16373
x-served-by: cache-iad-kcgs7200152-IAD, cache-iad-kcgs7200143-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.071914,VS0,VE122
etag: "aa450ce33957bba7797ffcc5ce704c2e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 partner-comscore-media-video.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-comscore-media-video/ 6 KB
2 KB 157ms
155ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-comscore-media-video/partner-comscore-media-video.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

343156d6746b0dbfaaf5338d6676f94f37048a171b9c7e58f3ec15a7111d84f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2349
x-served-by: cache-iad-kiad7000120-IAD, cache-iad-kiad7000120-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.071832,VS0,VE127
etag: "4f624c2b0b55576bd131d426081f3373"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 partner-nudge-media-video.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-nudge-media-video/ 4 KB
2 KB 144ms
143ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-nudge-media-video/partner-nudge-media-video.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3474fb31bfd74dcda22f3aeabb40b581048dcb5ef281c5324fedd4bf4df72c10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1709
x-served-by: cache-iad-kiad7000172-IAD, cache-iad-kiad7000172-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.071818,VS0,VE121
etag: "61cc63e71677d3e692e704ccc20f37c6"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 partner-omniture-heartbeat-media-video.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-omniture-heartbeat-media-video/ 17 KB
5 KB 142ms
141ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-omniture-heartbeat-media-video/partner-omniture-heartbeat-media-video.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d62bb6bc3b26e9fd848bb277f71be2a35001d7c07f41cc2012655cefd1119f39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 5198
x-served-by: cache-iad-kjyo7100169-IAD, cache-iad-kjyo7100153-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.072281,VS0,VE120
etag: "21ba66907cfe8a54e43e6160ed1f25fa"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 gannett-atoms-library.js Show response
atoms.usatoday.com/atoms-library/prod/dist/ 57 KB
16 KB 45ms
18ms Script
application/javascript 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://atoms.usatoday.com/atoms-library/prod/dist/gannett-atoms-library.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e4ae17cf17d15572dffa5f0e3c6d81f7f2c391aaaf502859073f0e14d7c0a9d6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1073115
x-cache: HIT, HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 15998
last-modified: Wed, 19 Oct 2022 17:01:32 GMT
x-timer: S1718557597.097472,VS0,VE0
etag: "47d90637c9be778654aced0497331d31"
vary: Accept-Encoding
x-goog-generation: 1666198892643051
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=900
x-goog-stored-content-length: 58464
x-amz-checksum-crc32c: JnQLMg==
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jun 2024 07:01:21 GMT

GET
H2 200 iasADX.js Show response
static.adsafeprotected.com/ 12 KB
5 KB 249ms
25ms Script
application/javascript 2600:9000:223f:5600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/iasADX.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 01:44:31 GMT
x-amz-version-id: S08nbEMSQBiWsSqdAKl6yaGPRyD0riRA
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 228126
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 14 Feb 2022 12:59:56 GMT
server: AmazonS3
etag: W/"c700d1e14608af0f21adaf6e08ac2cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: uJDPvEDBOFK2gZQbgyAt5u9RJJvx5P6ILRQYRhXs4YYo52AMcScF1w==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035223/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

30ms
20ms

Script
application/javascript

18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/
Protocol: H2
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 05:05:31 GMT
content-encoding: gzip
via: 1.1 5d328d2e734cff11e41c897ec72f465e.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 43267
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: XfJSHyVNjHO-Lx6fA7XZWXGbs6LAZttHpI1nSUZCaYOGs8b-AAP0VQ==

Redirect headers

date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 5d328d2e734cff11e41c897ec72f465e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: Wfj5RmHuTk_KYyt-6OCatS9LJ--A5rSOpRwtuPu2J_OjFLDnY_o_aA==

POST
H2 204 USAT-GCIAF-STANDARD
www.usatoday.com/gciaf/prod/ 0
0 584ms
581ms Fetch
application/json 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usatoday.com/gciaf/prod/USAT-GCIAF-STANDARD

Requested by

Host: www.usatoday.com
URL: https://www.usatoday.com/gcdn/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache: MISS
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: same-origin
x-frame-options: DENY
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cytuk.qrehans.com
origin-agent-cluster: ?1
cache-control: no-store
access-control-allow-credentials: true
feature-policy: autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
permissions-policy: autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
vary: Origin,Referer
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 253ms
45ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.usatoday.com
URL: https://www.usatoday.com/gcdn/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 16:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2249
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 16 Jun 2024 18:29:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
91 KB 279ms
71ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211

Requested by

Host: www.usatoday.com
URL: https://www.usatoday.com/gcdn/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45c4e467e9fb2f1f211439f30027a07957b415398601cd08bd495e87ff480eb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93063
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jun 2024 17:06:37 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/cytuk.qrehans.com/ 55 KB
21 KB 424ms
217ms Script
application/javascript 3.161.77.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/cytuk.qrehans.com/p.js
Requested by: Host: www.usatoday.com
URL: https://www.usatoday.com/gcdn/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.77.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-77-50.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8bd72d23fabec245757bc6bb991a51f31052fe0c17936bcc4b2da4b18b8f48b6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
last-modified: Wed, 27 Apr 2022 15:49:32 GMT
server: nginx
x-amz-cf-pop: FRA56-P10
etag: W/"6269660c-dbf1"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: uSdbiwy-exubZk1Lvx7p_WQxi350Q4p1X6NRYstruDH_N3fAQ7wl2w==

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 53 KB
19 KB 304ms
98ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.usatoday.com
URL: https://www.usatoday.com/gcdn/dcjs/prod/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b130968080fe103320d11b55daf5ae90350ae43b50068b48d868b527f01ba021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19406
x-xss-protection: 0
server: cafe
etag: 14436975090372796904
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:06:37 GMT

GET
H2 200 a-01aa.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 227ms
26ms Script
application/javascript 2600:9000:275d:ee00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01aa.min.js
Requested by: Host: www.usatoday.com
URL: https://www.usatoday.com/gcdn/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:ee00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6fa5fad4f499ec8b02f1eaf8c570e80dc6f66f1772245b902c5dd91e69773d70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 14:18:32 GMT
content-encoding: gzip
via: 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 10085
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: dVWG9Lk9cXmZL4CxUhgRWW-7q6WQVwTP5WGYxka9sscWLQ65D6Hbaw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 472ms
411ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: qNGEJ7D4pOPartbht9MXq2RmQZv4nNZrXDhDa3G_5ANZKIbOfmNHUA==

GET
H2 200 3062 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
798 B 208ms
17ms Script
application/javascript 18.238.243.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3062
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-129.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9826782136f9db8701f781b6abc472cd8d008ad818a4433c0a61a172083913a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:45:28 GMT
via: 1.1 d86b0ef5c17f755a14a26fbae67aba4e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 1269
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 531
x-amz-cf-id: tjF5bfa1b0OyBCm4-9yNS154S7mBHu11cxLcwxpcLInyiPOsocZ3Xw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 641 B
991 B 123ms
122ms XHR
application/json 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3062&u=https%3A%2F%2Fcytuk.qrehans.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: Server /
Resource Hash: f3e3353bd01e767ff59da7875dc275115913898a536f5542349fcce15b66a48b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 641
x-amz-cf-id: IkcCnm5qAsipTbH1QGb_lqH-AbJcEXpAA-Ht5wu5tzcVpPNreprK1w==

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202406120908/ 287 KB
102 KB 27ms
26ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202406120908/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 113b988757f4101d160571f19771fd5ea84f373457a7ca7f56b104cc51cd3d0f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: S4GF15KGD0WTAE4B
age: 346473
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 104306
x-amz-id-2: qAxgD2ZrHKbKZckGKoWs3/s5bHB7wZjVO/oDdA3HSh80Orkl8EQZVIVYtPTkQGWcZdXhrfzWVdE=
last-modified: Wed, 12 Jun 2024 13:27:01 GMT
server: cloudflare
etag: "4496a4adfcb2b23691e0c5d2144addc0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 894c64361c569705-AMS

GET
H2 200 load.js Show response
pm-widget.taboola.com/usatodaydemo/ 3 KB
1 KB 20ms
18ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/usatodaydemo/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36d0f6150f2eaaed37a21fbe52156a4cab87e4fea0b6d69663d27dcf0b3d4424

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: NKCxBtD7JS8etRibom4zkiGHcDqmrivf
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:37 GMT
x-amz-request-id: 3F150AR4ECHS92X7
age: 2787
x-cache: HIT
content-length: 1195
x-amz-id-2: skW9NqdjcMYRZMzBV1o8NZfpcXxUiu2E/UUdEfQUFSyuTnATMvKiEruR+xhDzW5QxWYK7PGb3rU=
x-served-by: cache-bru1480055-BRU
last-modified: Wed, 06 Mar 2024 04:17:35 GMT
server: AmazonS3
x-timer: S1718557597.167784,VS0,VE1
etag: "71f379a16939b8b05bee450b4857e531"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 impl.20240613-38-RELEASE.js Show response
cdn.taboola.com/libtrc/ 894 KB
182 KB 82ms
20ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 47e4dc7f1b1175872ccfd77af5f2b8deb9369da8bf33b126121ae25c5af845e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: kDdRQIto.UimJAn8RYg2PIl7jTgGdrmJ
content-encoding: br
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:37 GMT
x-amz-request-id: HZCQQNH1TTF6V27F
age: 5421
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 185973
x-amz-id-2: BntZAxtZbCcJGirZtIuRDcLxRjmY3Iuh2hcq+KywNowFmf1nl++NgfgHfVu2RH1vJFAF875S+ao=
x-served-by: cache-bru1480046-BRU
last-modified: Sun, 16 Jun 2024 15:34:51 GMT
server: AmazonS3-br
x-timer: S1718557597.229554,VS0,VE0
etag: "042851c31b8a4c3431c8a5dc787dcb70"
vary: Accept-Encoding
content-type: application/javascript
abp: 49
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1036

GET journey.json
atoms.qrehans.com/atoms-configs/prod/dist/uw/USAT/control/ 0
0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/ 467 KB
146 KB 44ms
44ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js?cb=31084605

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 09:32:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27275
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149174
x-xss-protection: 0
server: cafe
etag: 3598326600462146374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 16 Jun 2025 09:32:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 71 B
89 B 106ms
55ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cytuk.qrehans.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

a5c1fe0cf0dc326bf798af85d26479ef0107349ffb18dc26f200eaaa5249ecc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64
x-xss-protection: 0
expires: Sun, 16 Jun 2024 17:06:37 GMT

GET
H2 200 legacy-element-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 37 KB
10 KB 153ms
147ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/legacy-element-mixin.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7a8d0a1512a5ecd047a3a9fbb1bdc116de8f6676d580edd9e57867c6fa9bc1bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 9579
x-served-by: cache-iad-kcgs7200107-IAD, cache-iad-kcgs7200107-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.229063,VS0,VE119
etag: "e182a618aa069c09654ed09ef890b38f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 polymer-fn.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 2 KB
1 KB 160ms
154ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/polymer-fn.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a17ed2829e19ecd0a8c2cbb9a3bb66cc12e110ad475b53256f02f65f152019b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 788
x-served-by: cache-iad-kcgs7200028-IAD, cache-iad-kcgs7200175-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.229351,VS0,VE124
etag: "f69a78f7e6b1f490c8a66bdfeed9b755"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 templatizer-behavior.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 6 KB
3 KB 173ms
166ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/templatizer-behavior.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63ebd809b2988be498b87eadffc18b32f301c477d58128e508b7268e1df4b105

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2150
x-served-by: cache-iad-kiad7000092-IAD, cache-iad-kiad7000092-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230761,VS0,VE131
etag: "5108bed49f7d2059e843190568827c78"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 dom-bind.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 6 KB
2 KB 154ms
148ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-bind.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8ce6e59de59ccc4e45c4798434e1e3885a91f5e7b9d916b5085ba91ea27c29d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2102
x-served-by: cache-iad-kjyo7100060-IAD, cache-iad-kjyo7100159-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230417,VS0,VE118
etag: "b4a48e966b782a29f9eb97504fbd2534"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 dom-repeat.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 26 KB
8 KB 163ms
157ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-repeat.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5680984cafd03b7ffac79009300c94b135354bd7741d6ebd8e13f010be38c50a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 8310
x-served-by: cache-iad-kjyo7100027-IAD, cache-iad-kiad7000095-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230394,VS0,VE127
etag: "637b0dc7b05af8208e9feec11b1820b8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 dom-if.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 10 KB
4 KB 155ms
149ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-if.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

20860cd85b16709e5f98332ecf82297b784da87651bb872006c151501f972cb9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3950
x-served-by: cache-iad-kjyo7100035-IAD, cache-iad-kjyo7100140-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230398,VS0,VE119
etag: "af73511b80cee1662a0de4cc9dff63d1"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 array-selector.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 14 KB
4 KB 149ms
143ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/array-selector.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c6ef5e48cceec44d94a408d376f8bb62956d8aa5b50cc0b26adf78ad1cbfaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3976
x-served-by: cache-iad-kjyo7100076-IAD, cache-iad-kjyo7100031-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230348,VS0,VE116
etag: "a1595b639d74f3050eb026b41a74091a"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 custom-style.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 5 KB
2 KB 158ms
152ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/custom-style.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86943b08e849ab5a8a7357e576b8fedc6ade44e01a5a1bff8d2e110dddd64c06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2149
x-served-by: cache-iad-kiad7000068-IAD, cache-iad-kiad7000068-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230329,VS0,VE122
etag: "fcbc04a6dd50b1732b8fc9eb59e7a0af"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 mutable-data-behavior.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 7 KB
2 KB 169ms
164ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/mutable-data-behavior.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32ef7b2c958df422a41169feb6e0dc8a6a149c94957f148ac1f522683bb1522a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1897
x-served-by: cache-iad-kcgs7200171-IAD, cache-iad-kcgs7200068-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230302,VS0,VE128
etag: "196d340215322974470d1fa62c847bad"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 html-tag.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 5 KB
2 KB 169ms
165ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/html-tag.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46ea8464d2c3f35b1f5031bf2a9c0e422eaf4e0d45faa9dc5e03f465a6a8c486

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1878
x-served-by: cache-iad-kiad7000028-IAD, cache-iad-kiad7000028-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230275,VS0,VE129
etag: "80e4a3f100498961955505681bfd17b9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 video-utils.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/mixins/ 10 KB
4 KB 149ms
144ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/mixins/video-utils.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

26eee452779b97bf35c0e8b1238dc91c8ed1a736c427251ebb5574e8de3bb756

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3487
x-served-by: cache-iad-kcgs7200099-IAD, cache-iad-kcgs7200099-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230303,VS0,VE116
etag: "79c03bdd226e03e53ab046ad76eb2513"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 visitor-api.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/vendor/adobe/ 121 B
269 B 153ms
149ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/vendor/adobe/visitor-api.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a3d6ad566eff7329a1f1b293b25c4bde551fc98d4e374d5745bf33cf89f83b0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 113
x-served-by: cache-iad-kiad7000151-IAD, cache-iad-kiad7000151-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.231334,VS0,VE118
etag: "ebcab8c986c959851c9fb97be22930c2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 app-measurement.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/vendor/adobe/ 125 B
291 B 159ms
155ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/vendor/adobe/app-measurement.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b3a9ee0f5208f23756bd32b359464f961eb4a600ecd50c96a08626458789eb9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 113
x-served-by: cache-iad-kcgs7200111-IAD, cache-iad-kcgs7200111-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230975,VS0,VE123
etag: "b3d378aaec19ef85e06547a05c1a6cea"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 heartbeat-api.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/vendor/adobe/ 129 B
299 B 156ms
151ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/vendor/adobe/heartbeat-api.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3fc4fd0f7cd64fce23b77dcf0142a96314e691e5b9bd0475910202865d0793ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 116
x-served-by: cache-iad-kjyo7100130-IAD, cache-iad-kjyo7100145-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.231409,VS0,VE120
etag: "8417e570ec500d8023811dc842982b94"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 gallium-element.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/ 1 KB
906 B 155ms
151ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/gallium-element.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bbbfe8fb0d69e7b4f1b5d9df7c81c575682e31076bb6a1ae0c3bbdf3251195bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 726
x-served-by: cache-iad-kcgs7200134-IAD, cache-iad-kcgs7200134-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230968,VS0,VE119
etag: "73a05cf28769d68db9999382daecf148"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 analytics-element-behavior.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/ 5 KB
2 KB 160ms
156ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/analytics-element-behavior.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e18a7dc11519275300b8ad7ed22326c69d0143ace71b01b990ff3a62ab214121

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2050
x-served-by: cache-iad-kiad7000037-IAD, cache-iad-kiad7000037-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.230890,VS0,VE123
etag: "4d90a069258d77ff1cfabc424a26b3fc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 gallium-i18n.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/ 8 KB
4 KB 187ms
183ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/gallium-i18n.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed0db7069f82e411f3927a349141d8ef3b878250fe9d6d0ec9d4c96b5a406362

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3017
x-served-by: cache-iad-kiad7000071-IAD, cache-iad-kiad7000037-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.247641,VS0,VE127
etag: "05edb13808a8e2225d833440a5e3943c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 promo-premium-indicator.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/promo/promo-premium-indicator/ 3 KB
1 KB 173ms
169ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/promo/promo-premium-indicator/promo-premium-indicator.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0837e1d9531e45205299c505173d4e16ac60a1903b0bd951e2b807a72b031ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1027
x-served-by: cache-iad-kiad7000043-IAD, cache-iad-kiad7000043-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.246939,VS0,VE122
etag: "abc97739b0fa2b0bce88d34975a6e04b"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 polymer-element.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/ 1 KB
870 B 172ms
168ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/polymer-element.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

75f26e45a5ecd0855668595b59282d650f87bcf6a3eecc078436df6e9ff0904a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 690
x-served-by: cache-iad-kcgs7200135-IAD, cache-iad-kiad7000025-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.247498,VS0,VE119
etag: "28a69955a42d52a754d86372a315c278"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 render-status.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 189ms
185ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/render-status.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b048e87cf82ab73e27b97c3cc5a1568c90089086960978b2a397b0d1408f884e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1242
x-served-by: cache-iad-kcgs7200075-IAD, cache-iad-kcgs7200037-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.247281,VS0,VE128
etag: "ceba86ff1e6d164821527d112d1893ee"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 flattened-nodes-observer.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 10 KB
3 KB 185ms
182ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/flattened-nodes-observer.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4dc4fff9aab3a93f787c41e65e7f42e3ce5412f919efd59335d4cd68a30b6561

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2997
x-served-by: cache-iad-kcgs7200115-IAD, cache-iad-kcgs7200115-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.246868,VS0,VE127
etag: "33a1eb7852b67088b2381b83208022e4"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 util-post-messaging.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/util/util-post-messaging/ 986 B
716 B 183ms
179ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/util/util-post-messaging/util-post-messaging.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

df2891b4f41145bb4e71719541ae314e9c165613fd3c370108e36a93e71b2970

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 536
x-served-by: cache-iad-kcgs7200164-IAD, cache-iad-kcgs7200164-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.247228,VS0,VE124
etag: "84c29dd6948b10e147955f3eb870cfe9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 util-analytics.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/util/util-analytics/ 12 KB
4 KB 172ms
168ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/util/util-analytics/util-analytics.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3c65d8eb3fd2723437c9770fbbe1449e4e21f37990d97ebb0f8b63db9e502c04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3449
x-served-by: cache-iad-kcgs7200051-IAD, cache-iad-kcgs7200175-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.247114,VS0,VE120
etag: "6ea7c896f51d8c52c2b206399aa5d9f8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 ui-icon.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/ui/ui-icon/ 47 KB
18 KB 190ms
186ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/ui/ui-icon/ui-icon.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

72bb073808a89194c0d30db9f290a41c55a69567815dd0efcb55dc59dd49ba17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 17820
x-served-by: cache-iad-kiad7000167-IAD, cache-iad-kiad7000122-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.246814,VS0,VE129
etag: "6cbc75e2b8762384cb812144d8ba03d7"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 media-video-base.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/ 9 KB
4 KB 174ms
170ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/media-video-base.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a84988fac295b57795e8ca8688cac10195c471c7972e0cc78b50fbf881c09ca8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3366
x-served-by: cache-iad-kcgs7200033-IAD, cache-iad-kcgs7200023-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.246794,VS0,VE124
etag: "f67782121536e0d0615c6264520b289f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 preroll.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/ 28 KB
9 KB 169ms
166ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/preroll.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1edbf56d4c457cd9dd9c91d16f48b96678dbd7ec2ebf39778e1a04a3a72ce302

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 9193
x-served-by: cache-iad-kjyo7100140-IAD, cache-iad-kjyo7100109-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.246780,VS0,VE115
etag: "3cb4158a44e47a1b5c907d3131dd7e57"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 media-video-partner.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/ 3 KB
1 KB 169ms
165ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/media-video-partner.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

82c74d3934bf6786f9b9eea2bf4021f2bf52ebeb7bf238175740da4f458fdc60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1342
x-served-by: cache-iad-kjyo7100148-IAD, cache-iad-kjyo7100078-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.246742,VS0,VE115
etag: "17c6b7105e613c770eaaff655ff05a24"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 comscore-api.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-comscore-media-video/ 151 B
315 B 182ms
181ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-comscore-media-video/comscore-api.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0153eb65f58eb0b5f33d0ba1734b7ac3de41deb4e55536c39e72e88827175dca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 131
x-served-by: cache-iad-kjyo7100112-IAD, cache-iad-kcgs7200146-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.247290,VS0,VE125
etag: "2a97250b44cc20fd14228231334a47b9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 jsdiagnostic
pixel.adsafeprotected.com/ 43 B
199 B 547ms
183ms Image
image/gif 35.155.115.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:922805&sessionId:545e9f03-11c1-e569-46eb-e55479d126f6
Requested by: Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.115.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-115-241.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 16 Jun 2024 17:06:37 GMT
cache-control: no-cache
server: Apache-Coyote/1.1
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 143ms
31ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sun, 16 Jun 2024 17:21:37 GMT

GET
H2 200 pmk-20220605.16.js Show response
pm-widget.taboola.com/usatodaydemo/ 84 KB
24 KB 20ms
20ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/usatodaydemo/pmk-20220605.16.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/usatodaydemo/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99090b3cc7ed201c2bbd8dcd1e0e4ebf54f6fe8b64f46b9dc4c6bf5345b3f34a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: X0FggUL4k5DNjmEbPTrc8OTQs4LcEy58
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:37 GMT
x-amz-request-id: WDR10HGKV50M0C9J
age: 922491
x-cache: HIT
content-length: 24240
x-amz-id-2: f70U8/IPPLnRQiOurwSw1fHBd9E/TGIBEleBCN6XEPFgPgk9h1EdjMs0Iqg3kcxGpQWGfkBIxPc=
x-served-by: cache-bru1480046-BRU
last-modified: Wed, 06 Mar 2024 04:17:34 GMT
server: AmazonS3
x-timer: S1718557597.334030,VS0,VE1
etag: "64d79925f01194343d2118055daa64f3"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
1 KB 141ms
140ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/mixin.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86fbce59e4f7ec7e30dcea5f3a591c731b2f25988103299857293e45d4be53a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1003
x-served-by: cache-iad-kjyo7100127-IAD, cache-iad-kjyo7100023-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.458520,VS0,VE121
etag: "6a6416522b85e5f0febd7a1dde74b24a"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 array-splice.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 8 KB
3 KB 137ms
137ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/array-splice.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bcf610c3f2222699d45638201a33934e6a07f37ea5effeb32add9ea6974b3e5f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2909
x-served-by: cache-iad-kcgs7200151-IAD, cache-iad-kcgs7200172-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.458627,VS0,VE119
etag: "938a97f298390ce029cece727c84d823"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 apply-shim.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 555 B
907 B 135ms
134ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/apply-shim.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d5411a7ffd764c2db252c2f5d464c5adefef40b9338ee46f2b3a3e43ac61db48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 320
x-served-by: cache-iad-kjyo7100109-IAD, cache-iad-kjyo7100035-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.460100,VS0,VE117
etag: "75f54922d2507d0c43bdf946149c38b1"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 element-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 31 KB
9 KB 143ms
142ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/element-mixin.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e136ab2c75ae90f9338087e38c15ad5b2d67e883b5e0647f11b71a10a43713c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 9312
x-served-by: cache-iad-kiad7000022-IAD, cache-iad-kiad7000055-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.460856,VS0,VE122
etag: "06d1ac177cb051cec8015d7380f651e1"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 gesture-event-listeners.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 5 KB
2 KB 142ms
141ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/gesture-event-listeners.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2feaea79bf8d0b941dac8dd4508347b6cf19278096180a308f56eaa040235759

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1652
x-served-by: cache-iad-kcgs7200117-IAD, cache-iad-kcgs7200117-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.460672,VS0,VE122
etag: "81aec249ab16ecd66d87185d1af24db5"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 dir-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 7 KB
3 KB 140ms
139ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/dir-mixin.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5efaa2ccf201122813b7fce67ad176f86437b34b57425cd55375fda10e52daed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2583
x-served-by: cache-iad-kcgs7200040-IAD, cache-iad-kcgs7200040-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.460658,VS0,VE119
etag: "7b05eec04633200f3f7f2fd916cc3886"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 import-href.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
2 KB 141ms
140ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/import-href.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f07dc3bb776dedc5385377c3b7cd96499a67a41aed91ff11d3a03571daf94a06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1503
x-served-by: cache-iad-kiad7000075-IAD, cache-iad-kiad7000075-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.460636,VS0,VE121
etag: "b683689a8b2889b362fe6bd8e688d820"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 unresolved.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 867 B
623 B 143ms
143ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/unresolved.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7dc8b0d0933d7837b3df7d28197f4d2f502b06638ea3bbb1bd7e1ec94cafa9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 465
x-served-by: cache-iad-kjyo7100072-IAD, cache-iad-kjyo7100051-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.460626,VS0,VE123
etag: "39488a6f062edf87128458154f8d385d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 polymer.dom.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 11 KB
4 KB 144ms
144ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/polymer.dom.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

962017c869448ba8bbb8827cc9262ebd51a03b5ac9957aaba7725f79ebf8d056

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3648
x-served-by: cache-iad-kiad7000045-IAD, cache-iad-kiad7000045-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.461049,VS0,VE124
etag: "5c6f8ed3d9de31616650d0749dd15004"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 boot.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 153ms
152ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/boot.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b7a86a7ce0392af890ca11fe6f7ee5746b975cb98204a39ec8cd43d817c389e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1030
x-served-by: cache-iad-kjyo7100068-IAD, cache-iad-kiad7000022-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.461613,VS0,VE131
etag: "3baffbfb6ca8cfe5930d91fcb388b077"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 property-effects.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 99 KB
26 KB 153ms
152ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/property-effects.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0c42a7bb6bab2526b60a115423a6c41f003b75705e84b0ae24910d7d0b162c41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 25739
x-served-by: cache-iad-kiad7000029-IAD, cache-iad-kiad7000029-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.461922,VS0,VE131
etag: "450f1e748a1b9f8db370847325ef559d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 mutable-data.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 10 KB
3 KB 135ms
135ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/mutable-data.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e17ef9c7a2b314b65694fcd9975dcc8172f7ead620f5b17441f8f393d69911c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2938
x-served-by: cache-iad-kcgs7200060-IAD, cache-iad-kcgs7200060-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.461896,VS0,VE117
etag: "05940a4653c18c7be3a3ba99f347399f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 templatize.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 25 KB
8 KB 182ms
180ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/templatize.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9db75cf3965907df50e6208dd5ff4f447c8bd15d27c7ae6ae59919f5ef1b9251

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 7544
x-served-by: cache-iad-kiad7000144-IAD, cache-iad-kiad7000035-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.470001,VS0,VE159
etag: "2be0b54f4f601653616444827efb1bd3"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 debounce.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 4 KB
2 KB 139ms
138ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/debounce.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

692ae4751ee9cf34c8a76a91f1d8df47bf098da4b9b2fb10e9181d9cf4dc81f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1639
x-served-by: cache-iad-kcgs7200039-IAD, cache-iad-kcgs7200039-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.470433,VS0,VE119
etag: "cf0a53fd3761cf764a0fc5fbc8e63ce3"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 flush.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
880 B 147ms
147ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/flush.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

812761fecf21584ca20e6872a0fce8719749192b09f8d99f20d7628c24861447

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 723
x-served-by: cache-iad-kcgs7200053-IAD, cache-iad-kcgs7200167-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.470430,VS0,VE124
etag: "e006b92de5a57141c12c7391366b1f80"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 custom-style-interface.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 567 B
481 B 139ms
139ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/custom-style-interface.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7427f226caa0100b63c9e234e09acb809896a493126bc9847fc5331f80c7dcb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 326
x-served-by: cache-iad-kcgs7200161-IAD, cache-iad-kcgs7200161-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.470414,VS0,VE120
etag: "ceb0842ff6c53d8d13d6cf2345f41490"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 style-gather.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 9 KB
3 KB 153ms
153ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/style-gather.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ba7ee0f420d8ea6e8751036a7a6693404676c9e63d66e6eaa2dd352f46d9883f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2463
x-served-by: cache-iad-kcgs7200087-IAD, cache-iad-kcgs7200087-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.470348,VS0,VE135
etag: "69dbd531aa8cfa3ce4d98be353c255b9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 class.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 19 KB
6 KB 143ms
143ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/class.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6177996af84c4e9e810c240e4f7fb1efa82ba95862fa36b3aae360e0568cecca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 6083
x-served-by: cache-iad-kjyo7100109-IAD, cache-iad-kjyo7100141-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.470685,VS0,VE121
etag: "d81a318152a45625200636de2f23065e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 partner-utils.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/ 8 KB
3 KB 145ms
145ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/partner-utils.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ce9d5a52f0d6b39c94f645cb0f47d76010cca64a134352269ee3795120c3764

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3044
x-served-by: cache-iad-kjyo7100024-IAD, cache-iad-kiad7000156-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.475312,VS0,VE125
etag: "00c9d736084becf41d34b802a087b729"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 partner-bid.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/ 27 KB
7 KB 144ms
144ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/partner-bid.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f6bf19b5ed465a9615ef995927db1b5c52bf952476110c52ed39dec63b96dd86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 6904
x-served-by: cache-iad-kcgs7200114-IAD, cache-iad-kcgs7200114-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.475437,VS0,VE123
etag: "915021fe6a6a7e6dde3240f9b48e07bc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 async.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 6 KB
2 KB 139ms
139ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/async.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1e93d1966552e0ec57b358850e3a1bbd4ee91eaf77ecbc665d634fa78cd99f0c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1666
x-served-by: cache-iad-kjyo7100178-IAD, cache-iad-kjyo7100027-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.476906,VS0,VE117
etag: "a132e7f672cffc216d420d202cf26b14"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 iron-ajax.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/iron-ajax/ 16 KB
5 KB 141ms
141ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/iron-ajax/iron-ajax.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9308791f3878ea22e6ac4a7a725cb1999fc9a68ab99292ed40e7e30a6852fba5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 4702
x-served-by: cache-iad-kcgs7200096-IAD, cache-iad-kcgs7200088-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557597.478875,VS0,VE118
etag: "0a043135287b43ad3a26480b1bd6c65c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 297 B
490 B 509ms
179ms XHR
application/json 35.155.115.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-high-impact-0-container,ss:%5B970.250,970.90,970.66,970.60,728.90,1.2,1000.250%5D,p:/7103/usatoday/high_impact/lifestyle/health,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=545e9f03-11c1-e569-46eb-e55479d126f6&url=https%253A%252F%252Fcytuk.qrehans.com%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.115.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-115-241.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 8f069e85fac1a453df0ae1076b40cfad7b0c70ce9dea635f7c38aad900ddf232

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 0B78 0
0 350ms
23ms Document
text/html 184.28.88.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-88-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=29954
content-encoding: gzip
content-length: 859
content-type: text/html
date: Sun, 16 Jun 2024 17:06:37 GMT
expires: Mon, 17 Jun 2024 01:25:51 GMT
last-modified: Tue, 21 Mar 2023 05:02:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 topicsapi.html
topics.authorizedvault.com/ Frame 6AD4 0
0 167ms
24ms Document
text/html 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://topics.authorizedvault.com/topicsapi.html?bidder=rtbhouse
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=604800
content-encoding: gzip
content-type: text/html
date: Sun, 16 Jun 2024 17:06:37 GMT
etag: W/"b1da2234a554ee8bc6519a75d88402d9"
expires: Mon, 27 Nov 2023 07:17:38 GMT
last-modified: Mon, 26 Jun 2023 15:39:25 GMT
server: CDN77-Turbo
vary: Accept-Encoding
via: 1.1 google
x-77-age: 588949
x-77-cache: HIT
x-77-nzt: EgwB1GY4tAH3lfwIAAwB1GY4CQH3vjYAAA
x-77-nzt-ray: 6d204d11915bf47a9d1b6f6689db4027
x-77-pop: frankfurtDE
x-accel-date: 1717968648
x-accel-date-max: 1701079872
x-accel-expires: @1718573448
x-age: 588949
x-cache: HIT
x-goog-generation: 1687793965818864
x-goog-hash: crc32c=LvKeBQ== md5=sdoiNKVU7ovGUZp12IQC2Q==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1404
x-guploader-uploadid: ABPtcPq-zSNRoxlHFa4w7GHQFe56dZ8ASsACFFsc607EmY8qdkZYzbgE_ZBl5BrXBBGvTiyb9xbJUtc

POST cookie_sync
www.usatoday.com/pbd/ 0
0

POST auction
www.usatoday.com/pbd/openrtb2/ 0
0

POST
H2 200 auction Show response
display.bidder.taboola.com/OpenRTB/TaboolaHB/ 12 KB
12 KB 293ms
167ms Fetch
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1468240
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d2baa2ac9700bb0c985b7cbe87b96875b87c9291600f4279e3805aa10a1ecd1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-served-by: cache-bru1480025-BRU
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1718557598.655004,VS0,VE148
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cytuk.qrehans.com
x-envoy-upstream-service-time: 143
accept-ranges: bytes
content-length: 12398
x-cache-hits: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
224 B 130ms
18ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.32.0&cb=43210778675&lsavail=0

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
399 B 235ms
122ms XHR
text/javascript 18.239.88.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fcytuk.qrehans.com%2F&pid=cpcvyVaTgX6Qd&cb=0&ws=1600x1200&v=24.610.1703&t=1800&slots=%5B%7B%22sd%22%3A%22partner-high-impact-0-container%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22970x66%22%2C%22970x60%22%2C%22728x90%22%2C%221x2%22%2C%221000x250%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fhigh_impact%2Flifestyle%2Fhealth%231%22%7D%5D&gpp=DBABBg%7EBUoAAAKA.QA&gpp_sid=%5B8%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.88.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-88-34.ams58.r.cloudfront.net
Software: Server /
Resource Hash: d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: yoWQ1zvDn6miS0Wd44d0IY7FUsqUwnBw-WevTT2YVUxOAgp97roYVg==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 338 B
512 B 602ms
325ms XHR
application/json 35.155.115.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-native-article-link-1-container,ss:%5B300.250,3.3,640.360,1.1%5D,p:/7103/usatoday/native-article_link/lifestyle/health,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=545e9f03-11c1-e569-46eb-e55479d126f6&url=https%253A%252F%252Fcytuk.qrehans.com%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.115.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-115-241.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: a5bcfacf11a89f363734256b946a65eedb58358f2c41ccd698ce47c2206aba42

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST auction
www.usatoday.com/pbd/openrtb2/ 0
0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
405 B 225ms
88ms Fetch
application/json 2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
observe-browsing-topics: ?1
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 16 Jun 2024 17:06:37 GMT

POST
H2 200 auction Show response
display.bidder.taboola.com/OpenRTB/TaboolaHB/ 12 KB
12 KB 341ms
247ms Fetch
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1468240
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5763ffcdc92f9c4e46207cef0e23f34a54b41bc1aefd734a5a3aced5c7544ef2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-served-by: cache-bru1480025-BRU
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1718557598.655216,VS0,VE228
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cytuk.qrehans.com
x-envoy-upstream-service-time: 218
accept-ranges: bytes
content-length: 12660
x-cache-hits: 0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
398 B 212ms
115ms XHR
text/javascript 18.239.88.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fcytuk.qrehans.com%2F&pid=cpcvyVaTgX6Qd&cb=1&ws=1600x1200&v=24.610.1703&t=1800&slots=%5B%7B%22sd%22%3A%22partner-native-article-link-1-container%22%2C%22s%22%3A%5B%22300x250%22%2C%223x3%22%2C%22640x360%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fnative-article_link%2Flifestyle%2Fhealth%231%22%7D%5D&gpp=DBABBg%7EBUoAAAKA.QA&gpp_sid=%5B8%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.88.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-88-34.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 01cbqo5onjKV9upjblokuT55MyHiptxvhR4WdhMKbE2EfyjGqaahfQ==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 276 B
477 B 436ms
174ms XHR
application/json 35.155.115.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-leaderboard-btf-4-container,ss:%5B728.90%5D,p:/7103/usatoday/leaderboard_btf/lifestyle/health,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=545e9f03-11c1-e569-46eb-e55479d126f6&url=https%253A%252F%252Fcytuk.qrehans.com%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.115.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-115-241.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 40d43c9d3b547d37f3190b4d01f89c8b1d8b3c19bdc7378c0578a8faf3f44176

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST auction
www.usatoday.com/pbd/openrtb2/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
223 B 122ms
36ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.32.0&cb=69449387940&lsavail=0

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 auction Show response
display.bidder.taboola.com/OpenRTB/TaboolaHB/ 0
206 B 132ms
47ms Fetch
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1468240
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-served-by: cache-bru1480025-BRU
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1718557598.671715,VS0,VE12
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cytuk.qrehans.com
x-envoy-upstream-service-time: 2
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
399 B 198ms
113ms XHR
text/javascript 18.239.88.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fcytuk.qrehans.com%2F&pid=cpcvyVaTgX6Qd&cb=2&ws=1600x1200&v=24.610.1703&t=1800&slots=%5B%7B%22sd%22%3A%22partner-leaderboard-btf-4-container%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fleaderboard_btf%2Flifestyle%2Fhealth%231%22%7D%5D&gpp=DBABBg%7EBUoAAAKA.QA&gpp_sid=%5B8%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.88.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-88-34.ams58.r.cloudfront.net
Software: Server /
Resource Hash: f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: o0ThT_xBruRBs3E14ma2O2A-HH6iOgDJk9_ogh_kxjSrOQpbrkcMsQ==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 320 B
501 B 425ms
175ms XHR
application/json 35.155.115.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-poster-5-container,ss:%5B300.250,300.600,300.725%5D,p:/7103/usatoday/poster/lifestyle/health,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=545e9f03-11c1-e569-46eb-e55479d126f6&url=https%253A%252F%252Fcytuk.qrehans.com%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.115.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-115-241.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 9dd31c57dac02a3c721011229fdc35929fe0357084df22665ec9d26bba15657b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST auction
www.usatoday.com/pbd/openrtb2/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
223 B 39ms
36ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.32.0&cb=24714969727&lsavail=0

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 16 Jun 2024 17:06:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 auction Show response
display.bidder.taboola.com/OpenRTB/TaboolaHB/ 12 KB
12 KB 219ms
217ms Fetch
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1468240
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a499c323f2a3aa74a14ca3e66d28006f34c9ad408df046a5384f2aab16e2991

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-served-by: cache-bru1480025-BRU
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1718557598.672001,VS0,VE179
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cytuk.qrehans.com
x-envoy-upstream-service-time: 168
accept-ranges: bytes
content-length: 12284
x-cache-hits: 0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
398 B 192ms
115ms XHR
text/javascript 18.239.88.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fcytuk.qrehans.com%2F&pid=cpcvyVaTgX6Qd&cb=3&ws=1600x1200&v=24.610.1703&t=1800&slots=%5B%7B%22sd%22%3A%22partner-poster-5-container%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x725%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter%2Flifestyle%2Fhealth%231%22%7D%5D&gpp=DBABBg%7EBUoAAAKA.QA&gpp_sid=%5B8%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.88.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-88-34.ams58.r.cloudfront.net
Software: Server /
Resource Hash: e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 08lrFntbuLMlTP8fuTcIR28U7NNODetnZbPFOw7C2Ijmu7Ca1-mzaQ==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 342 B
516 B 565ms
324ms XHR
application/json 35.155.115.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-poster-scroll-6-container,ss:%5B300.250,300.600,300.1050%5D,p:/7103/usatoday/poster_scroll/lifestyle/health,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=545e9f03-11c1-e569-46eb-e55479d126f6&url=https%253A%252F%252Fcytuk.qrehans.com%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.115.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-115-241.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 04530fe1e13a15cb5f563d763cab46282cb7fd2201dba7a8257da564fe9eda6b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST auction
www.usatoday.com/pbd/openrtb2/ 0
0

POST
H2 200 auction Show response
display.bidder.taboola.com/OpenRTB/TaboolaHB/ 12 KB
12 KB 216ms
214ms Fetch
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1468240
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c405c62ad6f8efd7f31255ec0866937b3632a33cda84167ba8fddb4125d77a9e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-served-by: cache-bru1480025-BRU
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1718557598.671952,VS0,VE179
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cytuk.qrehans.com
x-envoy-upstream-service-time: 168
accept-ranges: bytes
content-length: 12450
x-cache-hits: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
223 B 39ms
37ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.32.0&cb=52965267314&lsavail=0

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
399 B 179ms
114ms XHR
text/javascript 18.239.88.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fcytuk.qrehans.com%2F&pid=cpcvyVaTgX6Qd&cb=4&ws=1600x1200&v=24.610.1703&t=1800&slots=%5B%7B%22sd%22%3A%22partner-poster-scroll-6-container%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Flifestyle%2Fhealth%231%22%7D%5D&gpp=DBABBg%7EBUoAAAKA.QA&gpp_sid=%5B8%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.88.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-88-34.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 0RwNCBqaHNLI5o3xZap1--S5gXmhMUji3vtXcU6uaYEku2asKBVCGg==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 342 B
516 B 411ms
181ms XHR
application/json 35.155.115.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-poster-scroll-7-container,ss:%5B300.250,300.600,300.1050%5D,p:/7103/usatoday/poster_scroll/lifestyle/health,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=545e9f03-11c1-e569-46eb-e55479d126f6&url=https%253A%252F%252Fcytuk.qrehans.com%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.115.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-115-241.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: ba0dedf013a3fc91964b0077e9c9e8eaf12d1f5f0d112a72fa4d0d30af2def0a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST auction
www.usatoday.com/pbd/openrtb2/ 0
0

POST
H2 200 auction Show response
display.bidder.taboola.com/OpenRTB/TaboolaHB/ 12 KB
12 KB 222ms
220ms Fetch
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1468240
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b2b00ea70ff88002089f5bd888e13f4718e7802d8a650ae2c3a5b38dee0a9f69

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-served-by: cache-bru1480025-BRU
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1718557598.671917,VS0,VE185
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cytuk.qrehans.com
x-envoy-upstream-service-time: 176
accept-ranges: bytes
content-length: 12426
x-cache-hits: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
223 B 40ms
38ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.32.0&cb=83719875129&lsavail=0

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
399 B 321ms
267ms XHR
text/javascript 18.239.88.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fcytuk.qrehans.com%2F&pid=cpcvyVaTgX6Qd&cb=5&ws=1600x1200&v=24.610.1703&t=1800&slots=%5B%7B%22sd%22%3A%22partner-poster-scroll-7-container%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fusatoday%2Fposter_scroll%2Flifestyle%2Fhealth%232%22%7D%5D&gpp=DBABBg%7EBUoAAAKA.QA&gpp_sid=%5B8%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.88.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-88-34.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: gC7MjIg7D8yb7xqd9YmHt3spuhk00vEJVA2NvhtmFPjIYwaDO9UdFg==

GET
H2 200 google-topics-api.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 22ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01e5e19fc6662b5598386d8a6368e5ba3ff7d9ddc57e43aad766faf24ac7068

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: XsvnrjNAlBw0a9taDHAzCIHEkXPBbcXh
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:37 GMT
x-amz-request-id: S1FWHXMVJC8XMQKZ
age: 5375
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 980
x-amz-id-2: FuioBFUPMN5ylhOcQlGIPWSOqHhcj/ODHihfyqRAlbzams24mKMgKiE2R5xriK4jKdx7JTvhoY0=
x-served-by: cache-bru1480046-BRU
last-modified: Sun, 16 Jun 2024 15:35:17 GMT
server: AmazonS3
x-timer: S1718557598.639918,VS0,VE0
etag: "ffe1084a0475919857c0fccef40b2f0e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 74
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 594

GET
H2 200 MIN-108010.js Show response
apv-launcher.minute.ly/api/launcher/ 31 KB
13 KB 87ms
18ms Script
text/javascript 199.232.215.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://apv-launcher.minute.ly/api/launcher/MIN-108010.js

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.215.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.25.1 /

Resource Hash

02039d4ac88e77884d8dab4b011fbb756ab82dd85c64ce39a19e2151d92c751c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sun, 16 Jun 2024 17:00:50 GMT
date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
age: 347
x-cache: HIT, HIT
content-length: 11834
x-xss-protection: 1; mode=block
x-request-id: 4c207c13-9755-4102-9689-fb28023d50b9
x-served-by: cache-iad-kiad7000068-IAD, cache-bru1480074-BRU
x-runtime: 1.242623
referrer-policy: strict-origin-when-cross-origin
x-debug-req-method: GET
server: nginx/1.25.1
x-timer: S1718557598.709694,VS0,VE1
etag: W/"02039d4ac88e77884d8dab4b011fbb75"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
x-debug-app-get: GET
x-debug-server-name: apv-launcher.minute.ly
access-control-allow-credentials: true
cache-control: max-age=60
accept-ranges: bytes
access-control-allow-headers: content-type
x-cache-hits: 438, 0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
431 B 64ms
17ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 303228
expires: 60

GET
H2 200 json Show response
trc.taboola.com/usatodaydemo/trc/3/ 36 KB
10 KB 421ms
403ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/usatodaydemo/trc/3/json?tim=19%3A06%3A37.640&lti=deflated&data=%7B%22id%22%3A528%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1718553710825%2C%22vi%22%3A1718557597637%2C%22cv%22%3A%2220240613-38-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fcytuk.qrehans.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.61%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22gpp%22%3A%22DBABBg~BUoAAAKA.QA%22%2C%22gpp_sid%22%3A%228%22%2C%22ccpa_dns%22%3A%22none%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fcytuk.qrehans.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5210%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-u%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20-%20New%20Design%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20-%20New%20Design%22%2C%22cd%22%3A4855.296875%2C%22mw%22%3A710%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2CBelow%20Article%20Thumbnails%20-%20New%20Design%3Dthumbnails-u%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b9aaf9bfded485eb830ac86f6d06057dd489fb568e6d399af9c97dc7eace13c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 384
date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 1.0518750000000001
x-fastly-to-nlb-rtt: 3674
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
x-log-content-encoding: gzip
server: nginx
x-timer: S1718557598.667862,VS0,VE384
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 settings.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 4 KB
2 KB 150ms
150ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/settings.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0e432fe6c86105fd5d8d07877aab0ca1cac7559abe56ea3ef28e3d3b328f6ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1503
x-served-by: cache-dca-kcgs7200222-DCA, cache-iad-kcgs7200051-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.705929,VS0,VE129
etag: "15942810acd52ae2b0eb80847a8f5471"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 resolve-url.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 151ms
150ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/resolve-url.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50b151128e92bf38325fab38896be2f5c6c78d557e10e649bb764dad42188e75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1295
x-served-by: cache-iad-kiad7000050-IAD, cache-iad-kcgs7200029-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.705971,VS0,VE132
etag: "75c1476d2c704094aa9e0a2ad4fb8e1f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 dom-module.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 7 KB
3 KB 136ms
136ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-module.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32bbc893217eed1f27f02a5f6800e4b6153bfc8d71abb73af9ffcbb53f0307df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2659
x-served-by: cache-iad-kiad7000070-IAD, cache-iad-kiad7000070-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.706132,VS0,VE118
etag: "650e85c88657ad6543f5c6878e2a79fc"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 properties-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 10 KB
3 KB 148ms
148ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/properties-mixin.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e09640705202c275bf9e6e88c9ad5e83a989bd3868721d643f1932bd4875750a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 3113
x-served-by: cache-iad-kjyo7100072-IAD, cache-iad-kcgs7200074-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.706106,VS0,VE128
etag: "a6fa00d9cf48430838a3e13e02b2b3b8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 gestures.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 27 KB
8 KB 148ms
148ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/gestures.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a29a29f34ab64d13ec7d58ccaa268bb7fa78352a9882152d77c4e564af4802ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 7889
x-served-by: cache-iad-kcgs7200061-IAD, cache-iad-kiad7000099-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.706272,VS0,VE128
etag: "ab9b79dd0eccf903828ccc487b6b1c05"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 property-accessors.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 13 KB
4 KB 145ms
145ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/property-accessors.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

59aba2008cdd8c0a3a24fef082e01c1cacdcc6cadd939396166eab475c1e925d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 4317
x-served-by: cache-iad-kiad7000052-IAD, cache-iad-kiad7000072-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.706948,VS0,VE125
etag: "f784aae56fbe41ef5c3cafca76aaf990"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 path.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 7 KB
3 KB 142ms
142ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/path.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5b529448eb68dc6a434e58709ade0b8d9458f4a0082ef03dae87ccbd9f7d8ce8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 2048
x-served-by: cache-iad-kcgs7200108-IAD, cache-iad-kcgs7200108-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.711445,VS0,VE123
etag: "9c50ebf02f5695e8e561d999a38130b5"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 case-map.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
942 B 144ms
143ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/case-map.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bb8316121ab1fb502d56b1f8ce3fc3c7047447626255820a01cbedd807363b6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 784
x-served-by: cache-iad-kjyo7100048-IAD, cache-iad-kjyo7100109-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.711906,VS0,VE123
etag: "6c6b9837ece12100d4cf4ed763989b68"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 template-stamp.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 20 KB
6 KB 140ms
140ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/template-stamp.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0862d3c8b349b9f7e0d49b4a68573691d390395a020002819d0723d7c5fe562e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 6028
x-served-by: cache-iad-kjyo7100139-IAD, cache-iad-kjyo7100138-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.711892,VS0,VE119
etag: "c6a88631bee700a9d0ea4929ac7d7c94"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 iron-request.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/iron-ajax/ 14 KB
4 KB 140ms
139ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/iron-ajax/iron-request.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2b63b3bee4bb1876f2c43ec5decb408dc8e29c928623b7f60094865c4ad2a4a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 4329
x-served-by: cache-iad-kjyo7100091-IAD, cache-iad-kjyo7100122-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.720219,VS0,VE121
etag: "5388f28a0fd05ffd14616fd925b9c901"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 34ms
33ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1783958479&t=pageview&_s=1&dl=https%3A%2F%2Fcytuk.qrehans.com%2F&ul=nl-nl&de=UTF-8&dt=Healthy%20eating%3A%20How%20to%20eat%20healthy%20for%20a%20healthy%20weight%20and%20lifestyle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KDDAgEABEAAAACgAI~&jid=1360029915&gjid=1649375606&cid=1474893891.1718557597100&tid=UA-166840762-3&_gid=440034625.1718557598&_slc=1&cd139=unsupported&cd140=unsupported&cd177=light&cd166=1&cd109=qrehans.com&cd130=no&cd5=7%3A00%20pm&cd6=2&cd93=cam-status%3Adisabled%2Ccam-experience-id%3Acontrol%2Creferer-group%3Aorganic%2Creferer-source%3Aorganic%2Cdevice-vendor%3Ageneric%2Cdevice-type%3Adesktop%2Cvariant-group%3A&cd26=daryl%20austin&cd59=daryl%20austin&cd65=lifestyle%3Ahealth&cd23=2024-02-05&cd24=18%3A40&cd25=Tips%20for%20healthy%20eating%3A%20Experts%20say%20take%20baby%20steps%2C%20keep%20recipes%20simple&cd14=11758541002&cm9=1&cd58=Healthy%2CLifestyles%2CDiet%2Cand%2Cnutrition%2CNew%2CYork%2CUniversity%2CTo%2Cthe%2CPoint%2CSEO%2CWellness%2CJust%2CCurious%2COverall%2CPositive%2CNutrition%2CFood%2C%26%2CDrink%2CHealthy%2CEating%2CHealthy%20Lifestyles%2CDiet%20and%20nutrition%2CNew%20York%20University%2CTo%20the%20Point%2CSEO%20Wellness%2CJust%20Curious%2COverall%20Positive%2CNutrition%2CFood%20%26%20Drink%2CHealthy%20Eating&cd9=&cd27=metered&cd94=USA%20TODAY&cd61=life&cd62=health-wellness&cd64=null&cd63=null&cd60=no%20story%20highlights&cd30=story%20pages&cd132=53255809-e824-441e-bbcf-e1da326f5a01&cd106=&cd78=&cd1=pageview&cd2=gciAnalytics%3Aprod%3A0.341.1%3AUSAT-TEALIUM-UW&cd3=0.341.1&cd76=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Flife%2Fhealth-wellness%2F2023%2F04%2F28%2Fhow-eat-healthy-tips-healthiest-foods-and-unhealthy-ones-avoid%2F11758541002%2F&cd45=desktop&cd49=universal&cd91=https%3A%2F%2Fcytuk.qrehans.com%2F&cd77=USAT-E&cd48=yes&cd197=life&cd198=health-wellness&cd135=https%3A%2F%2Fwww.usatoday.com%2Fstory%2Flife%2Fhealth-wellness%2F2023%2F04%2F28%2Fhow-eat-healthy-tips-healthiest-foods-and-unhealthy-ones-avoid%2F11758541002%2F&cd50=1%7C1%2CUSA%20TODAY%2C72481803007&cd95=Washington%2C%20VA&cd68=VA&cd67=usatoday&cd43=&cd28=USAT&cd99=Gannett&cd162=A&cd79=USAT-TEALIUM-UW&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&cd4=8524fd85-adac-4d5c-8988-d3909c77e566&cd131=na&cd40=1&cd160=null&cd42=null&cd90=0&cd7=1474893891.1718557597100.41132837&cd44=1474893891.1718557597100&z=1729663146

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 17:06:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 77ms
25ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-166840762-3&cid=1474893891.1718557597100&jid=1360029915&gjid=1649375606&_gid=440034625.1718557598&_u=KDDAgEABEAAAAGgAIAC~&z=1178033642

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 16 Jun 2024 17:06:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/ 43 B
61 B 107ms
59ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/?random=1718557597752&cv=9&fst=1718557597752&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcytuk.qrehans.com%2F&tiba=Healthy%20eating%3A%20How%20to%20eat%20healthy%20for%20a%20healthy%20weight%20and%20lifestyle&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid-event
traxex.gannettdigital.com/ 0
0 256ms
131ms Fetch 34.149.193.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://traxex.gannettdigital.com/prebid-event

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 58ms
20ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QQ6YP2J211&gtm=45je46c0v872457263za200&_p=1718557597761&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1474893891.1718557597100&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2Fstory%2Flife%2Fhealth-wellness%2F2023%2F04%2F28%2Fhow-eat-healthy-tips-healthiest-foods-and-unhealthy-ones-avoid%2F11758541002%2F&dt=Healthy%20eating%3A%20How%20to%20eat%20healthy%20for%20a%20healthy%20weight%20and%20lifestyle&dl=https%3A%2F%2Fcytuk.qrehans.com%2F&dr=&sid=1718557597&sct=1&seg=0&tfd=1549&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QQ6YP2J211
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 17:06:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 25ms
25ms Image
text/plain 18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c2=6035223&c1=2&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1718557597777&ns_c=UTF-8&c5=life&category=life&comscorekw=life_universal&c6=life%3Ahealth-wellness&c4=https%3A%2F%2Fcytuk.qrehans.com%2F&c15=8524fd85-adac-4d5c-8988-d3909c77e566&cs_fpid=8524fd85-adac-4d5c-8988-d3909c77e566&cs_ucfr=&cs_fpit=li&c7=https%3A%2F%2Fcytuk.qrehans.com%2F&c8=Healthy%20eating%3A%20How%20to%20eat%20healthy%20for%20a%20healthy%20weight%20and%20lifestyle&c9=
Requested by: Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 5d328d2e734cff11e41c897ec72f465e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: 3o_wO9DQWT2w_wlAgjzc2hwwKeLm58B6-xDs3e6nKlBT6UziJLvr4g==
x-cache: Miss from cloudfront

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 1165 0
0 58ms
19ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240613-38-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

abp: 15
accept-ranges: bytes
access-control-allow-origin: *
age: 11024
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Sun, 16 Jun 2024 17:06:37 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: kSVYSCSo5KYgwhmA+BpXLl16PaUxjnXRba1yF2MPoe3y8N/kao8kvR7hFC9uWUlyPc7ia2IBTmw=
x-amz-replication-status: COMPLETED
x-amz-request-id: DC9WTSSEMZVHBN6D
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 2551
x-served-by: cache-bru1480075-BRU
x-timer: S1718557598.827369,VS0,VE0

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 161ms
35ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1718557597781&plid=5b6775ee-3225-42b8-928b-fddc80fd70ce&idsite=genericconfigfree&url=https%3A%2F%2Fcytuk.qrehans.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22sevenDayReturn%22%3Afalse%7D&tagManager=gciAnalytics%3Aprod%3A0.341.1%3AUSAT-TEALIUM-UW&sid=1&surl=https%3A%2F%2Fcytuk.qrehans.com%2F&sref=&sts=1718557597767&slts=0&title=Healthy+eating%3A+How+to+eat+healthy+for+a+healthy+weight+and+lifestyle&date=Sun+Jun+16+2024+19%3A06%3A37+GMT%2B0200+(Midden-Europese+zomertijd)&action=pageview&metadata=%7B%22title%22%3A%22Tips+for+healthy+eating%3A+Experts+say+take+baby+steps%2C+keep+recipes+simple%22%2C%22authors%22%3A%5B%22%2C+USA+TODAY%22%5D%2C%22description%22%3A%22Many+people+wonder+how+to+eat+healthy.+Experts+offer+tips+and+outline+the+healthiest+foods%2C+unhealthiest+foods+and+how+to+get+started.%22%2C%22dateModified%22%3A%222024-02-05T17%3A40%3A47Z%22%2C%22pub_date%22%3A%222023-04-28T17%3A18%3A49Z%22%2C%22image%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22height%22%3A%22675%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gannett-cdn.com%2Fpresto%2F2022%2F08%2F31%2FUSAT%2F243dbb43-ea4a-4fd2-918d-70dc9e6399a9-Anna_Jones_Food173recaption.JPG%3Fauto%3Dwebp%26crop%3D4776%2C2687%2Cx0%2Cy243%26format%3Dpjpg%26width%3D1200%22%2C%22width%22%3A%221200%22%7D%2C%22mainEntityOfPage%22%3A%7B%22%40type%22%3A%22WebPage%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Flife%2Fhealth-wellness%2F2023%2F04%2F28%2Fhow-eat-healthy-tips-healthiest-foods-and-unhealthy-ones-avoid%2F11758541002%2F%22%7D%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22height%22%3A%2260%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gannett-cdn.com%2Fgannett-web%2Fproperties%2Fusatoday%2Flogos-and-branding%2Flogo-amp-results.png%22%7D%2C%22name%22%3A%22USA+TODAY%22%7D%2C%22image_url%22%3A%22https%3A%2F%2Fwww.gannett-cdn.com%2Fpresto%2F2022%2F08%2F31%2FUSAT%2F243dbb43-ea4a-4fd2-918d-70dc9e6399a9-Anna_Jones_Food173recaption.JPG%3Fauto%3Dwebp%26crop%3D4776%2C2687%2Cx0%2Cy243%26format%3Dpjpg%26width%3D1200%22%2C%22link%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Flife%2Fhealth-wellness%2F2023%2F04%2F28%2Fhow-eat-healthy-tips-healthiest-foods-and-unhealthy-ones-avoid%2F11758541002%2F%22%2C%22page_type%22%3A%22post%22%7D&pageDomain=cytuk.qrehans.com&urlRef=https%3A%2F%2Fcytuk.qrehans.com%2F&js=1&pvid=809a554b-e824-46c0-ab30-76e79e747913&u=pid%3Dff358996-8fb0-41da-b90f-032a579ce256
Requested by: Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 17:06:37 GMT
Cache-Control: no-cache
Last-Modified: Sunday, 16-Jun-2024 17:06:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 mi-scraper-1.17.1.48.js Show response
snippet.minute.ly/publishers/108010/ 90 KB
28 KB 94ms
36ms Script
application/javascript 2606:4700:20::ac43:48f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.minute.ly/publishers/108010/mi-scraper-1.17.1.48.js
Requested by: Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-108010.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8391b622ec62d449bc2aed30c562965ce8e2054a3374d6f149d0a156de9eaa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2QR2B3G9YPCMM79Y
age: 2258874
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 27538
x-amz-id-2: f3ctOeM8X9ey/otQyCJPv1QFQ3/uYxVR3q+8wHD17W8WYZa90WyazEp4JDer3wZqcBifvilHE6o=
x-served-by: cache-iad-kcgs7200151-IAD, cache-ams2100108-AMS
last-modified: Sun, 26 Nov 2023 15:56:23 GMT
server: cloudflare
x-timer: S1718557598.878825,VS0,VE0
etag: "7df1677eea96f10e61d44db9b70cc729"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WodHOOCWdUYhp7yRnNUyWfVkCikcoDE5RtwiIf%2BEC%2F%2Fpoa4JPJ9uSggXXjSImwasL8JRTSoN863HOsRMrHdYo3fva6SIq6o%2FDHXBAnRJDkNYpi9mHf%2Fi%2FXlViDRXuIIR1%2BCOZJabcRuHhEeN5uOA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 894c643aaa979fff-AMS
access-control-allow-headers: content-type
x-cache-hits: 2806, 389

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1718557597821&aid=a-01aa&se=e30&duid=f1ebb61b416b--01j0h07qzyzssf3cfaja1f97er&tv=v2.14.3&pu=https%3A%2F%2Fcytuk.qrehans.com%2F&wpn=lc-bundle&gpp_s=DBABBg~BUoAAAKA.QA&g...
https://rp4.liadm.com/j?se=e30&duid=f1ebb61b416b--01j0h07qzyzssf3cfaja1f97er&aid=a-01aa&cd=.qrehans.com&dtstmp=1718557597821&tv=v2.14.3&wpn=lc-bundle&gpp_as=8&i6=MmEwMDoxNjMwOjI6MWMwMjo6Mw%3D%3D&n3...

13 B
319 B

375ms
101ms

XHR
application/json

35.171.216.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=f1ebb61b416b--01j0h07qzyzssf3cfaja1f97er&aid=a-01aa&cd=.qrehans.com&dtstmp=1718557597821&tv=v2.14.3&wpn=lc-bundle&gpp_as=8&i6=MmEwMDoxNjMwOjI6MWMwMjo6Mw%3D%3D&n3pc=true&gpp_s=DBABBg~BUoAAAKA.QA&pu=https%3A%2F%2Fcytuk.qrehans.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Ik1hbnkgcGVvcGxlIHdvbmRlciBob3cgdG8gZWF0IGhlYWx0aHkuIEV4cGVydHMgb2ZmZXIgdGlwcyBhbmQgb3V0bGluZSB0aGUgaGVhbHRoaWVzdCBmb29kcywgdW5oZWFsdGhpZXN0IGZvb2RzIGFuZCBob3cgdG8gZ2V0IHN0YXJ0ZWQuIj48dGl0bGU-SGVhbHRoeSBlYXRpbmc6IEhvdyB0byBlYXQgaGVhbHRoeSBmb3IgYSBoZWFsdGh5IHdlaWdodCBhbmQgbGlmZXN0eWxlPC90aXRsZT48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L2xpZmUvaGVhbHRoLXdlbGxuZXNzLzIwMjMvMDQvMjgvaG93LWVhdC1oZWFsdGh5LXRpcHMtaGVhbHRoaWVzdC1mb29kcy1hbmQtdW5oZWFsdGh5LW9uZXMtYXZvaWQvMTE3NTg1NDEwMDIvIj48aDEgY2xhc3M9ImRpc3BsYXktMiIgc3R5bGU9ImZvbnQtc2l6ZToxOHB4O2xpbmUtaGVpZ2h0OjIxcHgiPlRpcHMgZm9yIGhlYWx0aHkgZWF0aW5nOiBFeHBlcnRzIHNheSB0YWtlIGJhYnkgc3RlcHMsIGtlZXAgcmVjaXBlcyBzaW1wbGU8L2gxPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPg
Protocol: H2
Server: 35.171.216.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-216-113.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
x-pixel-event-id: c85c88e3-7ead-4293-b79f-fbf59c10acd0
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=f1ebb61b416b--01j0h07qzyzssf3cfaja1f97er&aid=a-01aa&cd=.qrehans.com&dtstmp=1718557597821&tv=v2.14.3&wpn=lc-bundle&gpp_as=8&i6=MmEwMDoxNjMwOjI6MWMwMjo6Mw%3D%3D&n3pc=true&gpp_s=DBABBg~BUoAAAKA.QA&pu=https%3A%2F%2Fcytuk.qrehans.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9Ik1hbnkgcGVvcGxlIHdvbmRlciBob3cgdG8gZWF0IGhlYWx0aHkuIEV4cGVydHMgb2ZmZXIgdGlwcyBhbmQgb3V0bGluZSB0aGUgaGVhbHRoaWVzdCBmb29kcywgdW5oZWFsdGhpZXN0IGZvb2RzIGFuZCBob3cgdG8gZ2V0IHN0YXJ0ZWQuIj48dGl0bGU-SGVhbHRoeSBlYXRpbmc6IEhvdyB0byBlYXQgaGVhbHRoeSBmb3IgYSBoZWFsdGh5IHdlaWdodCBhbmQgbGlmZXN0eWxlPC90aXRsZT48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iaHR0cHM6Ly93d3cudXNhdG9kYXkuY29tL3N0b3J5L2xpZmUvaGVhbHRoLXdlbGxuZXNzLzIwMjMvMDQvMjgvaG93LWVhdC1oZWFsdGh5LXRpcHMtaGVhbHRoaWVzdC1mb29kcy1hbmQtdW5oZWFsdGh5LW9uZXMtYXZvaWQvMTE3NTg1NDEwMDIvIj48aDEgY2xhc3M9ImRpc3BsYXktMiIgc3R5bGU9ImZvbnQtc2l6ZToxOHB4O2xpbmUtaGVpZ2h0OjIxcHgiPlRpcHMgZm9yIGhlYWx0aHkgZWF0aW5nOiBFeHBlcnRzIHNheSB0YWtlIGJhYnkgc3RlcHMsIGtlZXAgcmVjaXBlcyBzaW1wbGU8L2gxPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPg
access-control-allow-origin: https://cytuk.qrehans.com
date: Sun, 16 Jun 2024 17:06:38 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

POST
H2 200 prebid-event
traxex.gannettdigital.com/ 0
0 184ms
116ms Fetch 34.149.193.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://traxex.gannettdigital.com/prebid-event

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 properties-changed.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 21 KB
6 KB 144ms
139ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/properties-changed.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c745a6114bddb356770c22a8dce7861cff4a1502a81ff222fac8c21efb6b2f85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 5554
x-served-by: cache-iad-kjyo7100028-IAD, cache-iad-kjyo7100176-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.859571,VS0,VE123
etag: "cb0b7819ecf4cbd8c49f86bdeb7b4803"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 telemetry.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
1 KB 150ms
145ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/telemetry.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0f7c1ea8c0452b0c347c2f5949f8e9ab0936a255ce7615f22979280d60e50a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 776
x-served-by: cache-iad-kiad7000150-IAD, cache-iad-kiad7000147-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557598.859767,VS0,VE129
etag: "863322f656542c1dd71e0580cc5c6106"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

POST
H2 200 prebid-event
traxex.gannettdigital.com/ 0
0 154ms
125ms Fetch 34.149.193.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://traxex.gannettdigital.com/prebid-event

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 prebid-event
traxex.gannettdigital.com/ 0
0 151ms
126ms Fetch 34.149.193.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://traxex.gannettdigital.com/prebid-event

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 prebid-event
traxex.gannettdigital.com/ 0
0 140ms
126ms Fetch 34.149.193.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://traxex.gannettdigital.com/prebid-event

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 _.gif
counter.snackly.co/ 0
38 B 179ms
128ms Ping
image/gif 2606:4700:10::6816:48ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/108010/mi-scraper-1.17.1.48.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 894c643b5eecb963-AMS
access-control-allow-headers: Content-Type
content-length: 0
expires: Sun, 16 Jun 2024 17:06:38 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
249 B 175ms
124ms Ping
image/gif 2606:4700:10::6816:48ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/108010/mi-scraper-1.17.1.48.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 894c643b5eebb963-AMS
access-control-allow-headers: Content-Type
content-length: 0
expires: Sun, 16 Jun 2024 17:06:38 GMT

POST
H2 200 prebid-event
traxex.gannettdigital.com/ 0
0 116ms
116ms Fetch 34.149.193.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://traxex.gannettdigital.com/prebid-event

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 17:06:37 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 favicon.png
www.gannett-cdn.com/sites/usatoday/images/ 198 B
477 B 19ms
19ms Other
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/sites/usatoday/images/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a364d6676231e5ebefb13c57f4e9e2f29e3b6897b985d4f87e21cfc2124cdd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1042590
x-amz-meta-goog-reserved-file-mtime: 1510535983
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 198
etag: "tgp815u4crhaHRBXxNYNbU7FtJ3VsbdtYkUl0aIYJhQ"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-language: en
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-checksum-crc32c: 1/9G9g==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17397, 4

GET
H2 200 custom-style-interface.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 3 KB
1 KB 140ms
140ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/custom-style-interface.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b92490f0e08edd6e7b5e9704b1208cb9124eeac94841dda895b0dff4854ac956

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1346
x-served-by: cache-iad-kjyo7100163-IAD, cache-iad-kjyo7100082-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557598.011239,VS0,VE122
etag: "0bcf779c48ca31aad51499609f591fac"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 explore-more.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 20ms
20ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e37e0394ab43e6c9290de01c8b0ebdad8aab18230215211e6d84129de22f3bac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 651BhjOqmf2gwoLG0a42VQOMyxvXTqCB
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:38 GMT
x-amz-request-id: S1FJ3BZS49PR7VT3
age: 5375
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 7619
x-amz-id-2: KUhCsutljtFONz0EZXWr7JQcdGtfULh3iEEuT0v+DhLZoMbrhr4vQMxkU9m4C7kF0vBYpQJ8npLhCiMHj/T2kA==
x-served-by: cache-bru1480046-BRU
last-modified: Sun, 16 Jun 2024 15:35:29 GMT
server: AmazonS3
x-timer: S1718557598.078657,VS0,VE0
etag: "c1e24ab2f2170a2db2d9d94b21d49f01"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 20
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 606

GET
H2 200 feed-card-placeholder.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 20ms
20ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8d376e82a994285cc5382ac74d502fa36b999572b352c1a5438026e18a50f79

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6JOgJZhx3e8nEF0nJmFGjqQzLmAYXK1f
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:38 GMT
x-amz-request-id: S1FKKF58S5ZYSC0Y
age: 5375
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1263
x-amz-id-2: ICHDr4mvmRUkeKufV1jxIt89YmwvtZ3wKwpy1H74W55S2G5vzRrIeDjkQ4Ek2ka7M8dAEF9xA8w=
x-served-by: cache-bru1480046-BRU
last-modified: Sun, 16 Jun 2024 15:35:27 GMT
server: AmazonS3
x-timer: S1718557598.078960,VS0,VE0
etag: "5dd3a1ae5bc39d13b91ae9aa6ce722e0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 814

GET
H2 200 userx.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
6 KB 18ms
18ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90e901fbbc352c09a20013f5e984159ab7373e9695dcc4d3569a589c99a6c67b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vL_AhsJjBOIAbK8gFq.SKXkELi7wPbif
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:38 GMT
x-amz-request-id: JPMNT5WK1B3PZTH2
age: 5346
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5569
x-amz-id-2: J/EWIwzwA3JBbOQPDck8NjWiDOeGdSJ+vL3I4pc8nNaCH626IH2YpMFsfjfUAsK9nTxTmjEEPek=
x-served-by: cache-bru1480046-BRU
last-modified: Sun, 16 Jun 2024 15:35:40 GMT
server: AmazonS3
x-timer: S1718557598.085357,VS0,VE0
etag: "b9ce91d75849200246dd4e54518e95cf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 90
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 158

GET
H2 200 distance-from-article.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 19ms
19ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2ef79fd7b05000bfb5c0175224fbd3a5428baccc438a8eddef4a52745751b3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: EC714fikN3v0l9s7LAnvBpGVAogWbDA3
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:38 GMT
x-amz-request-id: S1FKPT01EPKPCNMK
age: 5375
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1525
x-amz-id-2: 1yfEvwaUL/ikWnNckVwCwc2xtpcpibsWqv2CvLB06utyQkqDSeNLG+vOEor9Wz5gG37yDMgR0jI=
x-served-by: cache-bru1480046-BRU
last-modified: Sun, 16 Jun 2024 15:35:34 GMT
server: AmazonS3
x-timer: S1718557598.085450,VS0,VE0
etag: "3fb9591bf811a47bee97415d58da0084"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 27
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 862

GET
H2 200 article-detection.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 20ms
20ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a27b51f0f695fb3a45828855e1c3699fbbbd6f2423c6be13380649dc2d46b052

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: bb_NZWLCV.RQb9_b.gbL20RN5D5XI4o3
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:38 GMT
x-amz-request-id: S1FJF5E24ME2QAXD
age: 5375
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1293
x-amz-id-2: kXcfEKRc7o+h4+vD541/qdum9M0rW2msOr+PbyUIe7yY5z1cio6xP1/bWSyiptRZy4MFh9dyyV0=
x-served-by: cache-bru1480046-BRU
last-modified: Sun, 16 Jun 2024 15:35:44 GMT
server: AmazonS3
x-timer: S1718557598.085625,VS0,VE0
etag: "d22885dc7dce1cba314b29811d833fa0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 860

POST
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
137 B 33ms
23ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?tvi2=16822&tvi50=17350&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3866
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.107303,VS0,VE5
content-type: image/gif
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
54 B 49ms
40ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?tvi2=16822&tvi50=17350&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 4197
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.124392,VS0,VE5
content-type: image/gif
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
61 B 50ms
41ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?tvi2=16822&tvi50=17350&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 6
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3941
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.124365,VS0,VE6
content-type: image/gif
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
54 B 50ms
40ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?tvi2=16822&tvi50=17350&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3842
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.124487,VS0,VE5
content-type: image/gif
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
211 B 67ms
58ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?tvi2=16822&tvi50=17350&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3964
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.141632,VS0,VE5
content-type: image/gif
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
93 B 67ms
58ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?tvi2=16822&tvi50=17350&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3680
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.141821,VS0,VE5
content-type: image/gif
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 supply-feature
am-trc-events.taboola.com/usatodaydemo/log/3/ 0
231 B 116ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/3/supply-feature?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A06%3A38.071&id=7768&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 16 Jun 2024 17:06:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/usatodaydemo/log/3/ 0
231 B 116ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/3/abtests?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1718557598076%7D&tim=19%3A06%3A38.076&id=7777&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 16 Jun 2024 17:06:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
56 B 33ms
33ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&tim=19%3A06%3A38.088&id=4030&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3644
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.141777,VS0,VE5
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
55 B 23ms
22ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&tim=19%3A06%3A38.089&id=2064&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3863
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.148578,VS0,VE5
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
137 B 23ms
22ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&tim=19%3A06%3A38.089&id=7961&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3812
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.148910,VS0,VE5
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
54 B 23ms
23ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&tim=19%3A06%3A38.090&id=3174&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3958
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.148852,VS0,VE5
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
54 B 22ms
22ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&tim=19%3A06%3A38.090&id=3004&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3792
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.166086,VS0,VE5
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
58 B 23ms
23ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&tim=19%3A06%3A38.091&id=840&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3935
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557598.166175,VS0,VE5
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 social
am-trc-events.taboola.com/usatodaydemo/log/3/ 0
231 B 110ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/3/social?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.usatoday.com%2Fstory%2Flife%2Fhealth-wellness%2F2023%2F04%2F28%2Fhow-eat-healthy-tips-healthiest-foods-and-unhealthy-ones-avoid%2F11758541002%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Tips%20for%20healthy%20eating%3A%20Experts%20say%20take%20baby%20steps%2C%20keep%20recipes%20simple%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%22USA%20TODAY%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.gannett-cdn.com%2Fpresto%2F2022%2F08%2F31%2FUSAT%2F243dbb43-ea4a-4fd2-918d-70dc9e6399a9-Anna_Jones_Food173recaption.JPG%3Fauto%3Dwebp%26crop%3D4776%2C2687%2Cx0%2Cy243%26format%3Dpjpg%26width%3D1200%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=19%3A06%3A38.100&id=7654&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 16 Jun 2024 17:06:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/usatodaydemo/log/2/ 0
91 B 106ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/2/debug?tim=19%3A06%3A38.102&type=usage&msg=New_CTA-event-1718557598102&llvl=2&id=5054&cv=20240613-38-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~2452948587671551909~~ADGYek6niruCA%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14938

GET
H2 204 debug
am-trc-events.taboola.com/usatodaydemo/log/2/ 0
90 B 50ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/2/debug?tim=19%3A06%3A38.102&type=usage&msg=New_CTA-event-1718557598102&llvl=2&id=8521&cv=20240613-38-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~2452948587671551909~~ADGYek6niruCA%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14938

GET
H2 204 debug
am-trc-events.taboola.com/usatodaydemo/log/2/ 0
90 B 44ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/2/debug?tim=19%3A06%3A38.103&type=usage&msg=New_CTA-event-1718557598103&llvl=2&id=9998&cv=20240613-38-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~1279136492190555449~~uNtJax4E9hlFe%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14938

GET
H2 204 debug
am-trc-events.taboola.com/usatodaydemo/log/2/ 0
90 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/2/debug?tim=19%3A06%3A38.104&type=usage&msg=New_CTA-event-1718557598104&llvl=2&id=8040&cv=20240613-38-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~1279136492190555449~~uNtJax4E9hlFe%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14938

GET
H2 200 74098690007-reuters-biden-thumb-3.jpg%3Fcrop%3D1919%2C1079%2Cx0%2Cy0%26width%3D1919%26height%3D1079%26format%3Dpjpg%26auto%3Dwebp
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/14/USAT/ 66 KB
67 KB 103ms
102ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/14/USAT/74098690007-reuters-biden-thumb-3.jpg%3Fcrop%3D1919%2C1079%2Cx0%2Cy0%26width%3D1919%26height%3D1079%26format%3Dpjpg%26auto%3Dwebp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b9180dd86f6afb03bb7570c71c615e5522b6013d5cda37c1896141d4c4fe922

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 85
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/14/USAT/74098690007-reuters-biden-thumb-3.jpg%3Fcrop%3D1919%2C1079%2Cx0%2Cy0%26width%3D1919%26height%3D1079%26format%3Dpjpg%26auto%3Dwebp
age: 169010
edge-cache-tag: 449223602496278886317172515763373846242,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 449223602496278886317172515763373846242,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 531
req-referer: https://www.usatoday.com/
content-length: 67308
x-request-id: 9a141cc2914d446455a0cf22adc729ba
x-served-by: cache-iad-kjyo7100177-IAD, cache-iad-kjyo7100177-IAD, cache-bur-kbur8200150-BUR, cache-iad-kjyo7100052-IAD, cache-bru1480055-BRU
last-modified: Fri, 14 Jun 2024 17:39:43 GMT
server: nginx
surrogate-reporting: width=1919,height=959,bytes=132422,owidth=1919,oheight=1079,obytes=169862,ef=(1,13,17,23,30)
x-timer: S1718557598.171836,VS0,VE85
etag: "38c39f0e462b947072c10fdc3d061279"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 206, 0

GET
H2 200 5d5f9b8bf077b040842d994d8a6321d3.png
images.taboola.com/taboola/image/fetch/h_523,w_940,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 44 KB
45 KB 19ms
19ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d5f9b8bf077b040842d994d8a6321d3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 004a11ec006ae584aaef498e667db3ae638da9586d7e898865547b0e439ff45f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_523,w_940,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d5f9b8bf077b040842d994d8a6321d3.png
age: 524075
edge-cache-tag: 327578796052408736704057366704105147450,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
cache-tag: 327578796052408736704057366704105147450,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 164
req-referer: https://www.espncricinfo.com/
content-length: 45312
x-request-id: 3f3d547ab31362b033657572ecd48812
x-served-by: cache-iad-kjyo7100054-IAD, cache-iad-kiad7000047-IAD, cache-lga21969-LGA, cache-iad-kiad7000112-IAD, cache-bru1480055-BRU
last-modified: Sun, 09 Jun 2024 18:00:25 GMT
server: nginx
surrogate-reporting: width=1080,height=600,bytes=821937,owidth=1067,oheight=600,obytes=953804,ef=(1,17,30,98)
x-timer: S1718557598.171974,VS0,VE1
etag: "d30e4b365724b50c461959f01f2a2924"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 9, 0

GET
H2 200 9eac532cc8b0d905b92b3c26bd2eefd0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 19ms
18ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9eac532cc8b0d905b92b3c26bd2eefd0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9167eb479d1c9dd7fbf4161b1c18dcab7a7a0ce931dc801768d5f83941ea47a4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9eac532cc8b0d905b92b3c26bd2eefd0.png
age: 983320
edge-cache-tag: 412556416576856030267706041561872456383,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 412556416576856030267706041561872456383,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 290
req-referer: https://www.merca2.es/
content-length: 8220
x-request-id: fe8d08679c6821238e61d802a4a769e3
x-served-by: cache-iad-kcgs7200036-IAD, cache-iad-kjyo7100133-IAD, cache-bur-kbur8200132-BUR, cache-iad-kiad7000137-IAD, cache-bru1480055-BRU
last-modified: Tue, 04 Jun 2024 14:42:21 GMT
server: nginx
surrogate-reporting: width=1067,height=592,bytes=30822,owidth=1067,oheight=600,obytes=492045,ef=(1,13,17,23,30)
x-timer: S1718557598.188924,VS0,VE1
etag: "eb82834b5a4bf07421c46396c41ca005"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 7, 0

GET
H2 200 74078213007-highlights-from-tank-davis-vs-frank-martin-presser-1920-x-1080-source.jpg%3Fcrop%3D1919%2C1079%2Cx0%2Cy0%26width%3D1919%26height%3D1079%26format%3Dpjpg%26auto%3Dwebp
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/12/ZTUS/ 30 KB
31 KB 102ms
102ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/12/ZTUS/74078213007-highlights-from-tank-davis-vs-frank-martin-presser-1920-x-1080-source.jpg%3Fcrop%3D1919%2C1079%2Cx0%2Cy0%26width%3D1919%26height%3D1079%26format%3Dpjpg%26auto%3Dwebp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: df4d980f258ec33f11d956d8997dd6dffd074509e43884e99f01ab829868d1a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 85
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/12/ZTUS/74078213007-highlights-from-tank-davis-vs-frank-martin-presser-1920-x-1080-source.jpg%3Fcrop%3D1919%2C1079%2Cx0%2Cy0%26width%3D1919%26height%3D1079%26format%3Dpjpg%26auto%3Dwebp
age: 305601
edge-cache-tag: 601600347902842494073654840720476999605,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 601600347902842494073654840720476999605,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 423
req-referer: https://www.usatoday.com/
content-length: 31078
x-request-id: 4cc979aec5a7f6007bd08f71c22b72e1
x-served-by: cache-iad-kiad7000057-IAD, cache-iad-kcgs7200103-IAD, cache-ewr18179-EWR, cache-iad-kjyo7100040-IAD, cache-bru1480055-BRU
last-modified: Thu, 13 Jun 2024 03:48:34 GMT
server: nginx
surrogate-reporting: width=620,height=345,bytes=56820,owidth=1919,oheight=1079,obytes=149075,ef=(1,13,17,23,30)
x-timer: S1718557598.189294,VS0,VE85
etag: "af801521398ea91b168f6ebd5b04e0ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 37, 0

GET
H2 200 73948671007-rupert-elena-2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/02/USAT/ 31 KB
32 KB 103ms
103ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/02/USAT/73948671007-rupert-elena-2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cbc518db79208c036d06d29203d4e29dbcb8086dca232f4e2c0a00d13f6118fb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 84
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/02/USAT/73948671007-rupert-elena-2.jpg
age: 1203334
edge-cache-tag: 601101780482418818232295046026955764128,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 601101780482418818232295046026955764128,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 249
req-referer: https://www.usatoday.com/
content-length: 31508
x-request-id: 62bf41ec4726527fb77b178819378c2d
x-served-by: cache-iad-kiad7000090-IAD, cache-iad-kjyo7100084-IAD, cache-lga21940-LGA, cache-iad-kcgs7200121-IAD, cache-bru1480055-BRU
last-modified: Sun, 02 Jun 2024 18:46:38 GMT
server: nginx
surrogate-reporting: width=620,height=345,bytes=46995,owidth=2234,oheight=2950,obytes=643426,ef=(1,13,17,23,30)
x-timer: S1718557598.197776,VS0,VE84
etag: "3503dd7249f5cee5f7adc2ccde0bea0d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 151, 0

GET
H2 200 74057361007-20240611-t-151915-z-1695268960-rc-2398-ahvi-6-v-rtrmadp-3-usabidenhunter.JPG
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/11/USAT/ 19 KB
20 KB 102ms
102ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/11/USAT/74057361007-20240611-t-151915-z-1695268960-rc-2398-ahvi-6-v-rtrmadp-3-usabidenhunter.JPG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ed5e2209eaeee4c47803e365b281dccb2500fa9f62948dc748674a026f885e12

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 84
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/11/USAT/74057361007-20240611-t-151915-z-1695268960-rc-2398-ahvi-6-v-rtrmadp-3-usabidenhunter.JPG
age: 427754
edge-cache-tag: 361867213170898416407729545311641614076,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
cache-tag: 361867213170898416407729545311641614076,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 542
req-referer: https://www.usatoday.com/
content-length: 19436
x-request-id: 52cb575a1f0796056d81f89ed27aec04
x-served-by: cache-iad-kjyo7100066-IAD, cache-iad-kcgs7200105-IAD, cache-lga21953-LGA, cache-iad-kjyo7100057-IAD, cache-bru1480055-BRU
last-modified: Tue, 11 Jun 2024 17:01:18 GMT
server: nginx
surrogate-reporting: width=620,height=345,bytes=28212,owidth=1747,oheight=2620,obytes=417360,ef=(1,13,17,23,30)
x-timer: S1718557598.208950,VS0,VE84
etag: "f7a84d4ae9057e69670a3f9d8b752704"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 817, 0

GET
H2 200 74065883007-rory-erica-wedding-day.jpeg%3Fcrop%3D3599%2C2026%2Cx0%2Cy182%26width%3D3200%26height%3D1802%26format%3Dpjpg%26auto%3Dwebp
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/images/smg/2024/06/11/USAT/ 29 KB
30 KB 103ms
102ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/images/smg/2024/06/11/USAT/74065883007-rory-erica-wedding-day.jpeg%3Fcrop%3D3599%2C2026%2Cx0%2Cy182%26width%3D3200%26height%3D1802%26format%3Dpjpg%26auto%3Dwebp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b7263f245cb65f2fa59b99f41a8abd9879cfa1cde9d12a7326bcc3111962808

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 85
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/images/smg/2024/06/11/USAT/74065883007-rory-erica-wedding-day.jpeg%3Fcrop%3D3599%2C2026%2Cx0%2Cy182%26width%3D3200%26height%3D1802%26format%3Dpjpg%26auto%3Dwebp
age: 349039
edge-cache-tag: 358070528943424843006385858820069407506,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 358070528943424843006385858820069407506,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 897
req-referer: https://www.usatoday.com/
content-length: 29668
x-request-id: 315c2280aef7c276c0d95e056ad6eeb9
x-served-by: cache-iad-kiad7000076-IAD, cache-iad-kiad7000163-IAD, cache-bur-kbur8200102-BUR, cache-iad-kiad7000027-IAD, cache-bru1480055-BRU
last-modified: Wed, 12 Jun 2024 16:04:31 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=51071,owidth=3200,oheight=1802,obytes=336852,ef=(1,13,17,23,30)
x-timer: S1718557598.217995,VS0,VE85
etag: "90a6e5f6d2fd78ae2dc784bef15cbc6a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 226, 0

GET
H2 200 74110271007-usatsi-23524736.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/15/USAT/ 88 KB
89 KB 106ms
106ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/15/USAT/74110271007-usatsi-23524736.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ad40069c50336f51ed1022399d18699ea8760b52fc24ec9b85209f0d3c9bd8ec

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 85
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/authoring-images/2024/06/15/USAT/74110271007-usatsi-23524736.jpg
age: 80267
edge-cache-tag: 390801162398664844674163468777968418827,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 390801162398664844674163468777968418827,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 6177
req-referer: https://www.usatoday.com/
content-length: 90582
x-request-id: 574dec07bfb38830698dede90dd41f1d
x-served-by: cache-iad-kjyo7100095-IAD, cache-iad-kjyo7100095-IAD, cache-bur-kbur8200162-BUR, cache-iad-kiad7000173-IAD, cache-bru1480055-BRU
last-modified: Sat, 15 Jun 2024 18:40:33 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=137235,owidth=2680,oheight=3000,obytes=2166036,ef=(1,13,17,23,30)
x-timer: S1718557598.218195,VS0,VE85
etag: "9d88285cc8c64021ac0c6427e83e58fb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 44, 0

GET
H2 200 d9eb70c5653f1b46a048c9e6236b07fd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 56 KB
57 KB 109ms
109ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9eb70c5653f1b46a048c9e6236b07fd.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 767545fe0573d8f6f0b22c67afbe0738ba8cb86f89cbb986429b0ce1afd1e868

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 88
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d9eb70c5653f1b46a048c9e6236b07fd.jpg
age: 1415263
edge-cache-tag: 306582270022804060748430689629041444234,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 306582270022804060748430689629041444234,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 394
req-referer: https://driven-diaries.com/
content-length: 57342
x-request-id: 5a9ddebab9d69c9cf0cf1b4da296c76c
x-served-by: cache-iad-kjyo7100095-IAD, cache-iad-kiad7000118-IAD, cache-bur-kbur8200118-BUR, cache-iad-kjyo7100052-IAD, cache-bru1480055-BRU
last-modified: Fri, 31 May 2024 06:34:06 GMT
server: nginx
surrogate-reporting: width=1200,height=666,bytes=108302,owidth=1200,oheight=800,obytes=1653742,ef=(1,13,17,23,30)
x-timer: S1718557598.284408,VS0,VE88
etag: "59ceba9f308459ae21a5e1620c6fbf6d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 13, 0

GET
H2 200 7656fe66c95fa45f677ed7d03aa0af8c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 18ms
18ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7656fe66c95fa45f677ed7d03aa0af8c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5cd4c551b992a7ddb0f6e020a5fc918a416bf587b954d7ec9bbaf537dd587d2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7656fe66c95fa45f677ed7d03aa0af8c.png
age: 879146
edge-cache-tag: 340935357552853421618322638246462281024,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 340935357552853421618322638246462281024,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 244
req-referer: https://uncached.com/
content-length: 8076
x-request-id: db75ef9eb8da1ef70143d89bcada5d03
x-served-by: cache-iad-kjyo7100057-IAD, cache-iad-kcgs7200124-IAD, cache-lga21957-LGA, cache-iad-kcgs7200141-IAD, cache-bru1480055-BRU
last-modified: Wed, 05 Jun 2024 13:05:49 GMT
server: nginx
surrogate-reporting: width=1067,height=592,bytes=22284,owidth=1067,oheight=600,obytes=302741,ef=(1,13,17,23,30)
x-timer: S1718557598.295475,VS0,VE1
etag: "dd4e661a7830ce244b79cdcc53225dc1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2, 13, 0

GET
H2 200 73190964007.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/videos/videoelephant/thumbnails/ 18 KB
18 KB 102ms
102ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/videos/videoelephant/thumbnails/73190964007.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 694d1775babd17bdfd1e2a8c84db0c023d91b4d12f8e3e63b0eab3047376338d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 84
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/authoring/videos/videoelephant/thumbnails/73190964007.jpg
age: 1483846
edge-cache-tag: 506387535968550343539451228125970679226,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 506387535968550343539451228125970679226,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 218
req-referer: https://www.usatoday.com/
content-length: 18064
x-request-id: 8b60139bb8872a580c3b2f6651e8e220
x-served-by: cache-iad-kiad7000161-IAD, cache-iad-kjyo7100176-IAD, cache-bur-kbur8200157-BUR, cache-iad-kiad7000064-IAD, cache-bru1480055-BRU
last-modified: Thu, 30 May 2024 12:20:05 GMT
server: nginx
surrogate-reporting: width=612,height=340,bytes=17930,owidth=612,oheight=344,obytes=20907,ef=(1,13,17,23,30)
x-timer: S1718557598.303428,VS0,VE84
etag: "b987275086a6b2822bfec0122a365ae5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 151, 0

GET
H2 200 111df9c3-e81b-49e0-8063-708cbccbb9c9-USATSI_16055844.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/presto/2021/05/09/USAT/ 67 KB
68 KB 20ms
19ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/presto/2021/05/09/USAT/111df9c3-e81b-49e0-8063-708cbccbb9c9-USATSI_16055844.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 17bad6b58552497a92e47c6fa5a5bed739e2d8cb46b8097e3dd98d54b8661585

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 1
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.usatoday.com/gcdn/presto/2021/05/09/USAT/111df9c3-e81b-49e0-8063-708cbccbb9c9-USATSI_16055844.jpg
age: 403797
edge-cache-tag: 511497488186934838251851362313674364680,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 511497488186934838251851362313674364680,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 258
req-referer: https://www.usatoday.com/
content-length: 68904
x-request-id: 0439fb98f58a43ab55ebb337b20537b8
x-served-by: cache-iad-kiad7000060-IAD, cache-iad-kiad7000081-IAD, cache-bur-kbur8200030-BUR, cache-iad-kcgs7200020-IAD, cache-bru1480055-BRU
last-modified: Wed, 12 Jun 2024 00:55:10 GMT
server: nginx
surrogate-reporting: width=1411,height=783,bytes=154659,owidth=1411,oheight=941,obytes=195355,ef=(1,13,17,23,30)
x-timer: S1718557598.315194,VS0,VE1
etag: "d7612021f8649ee36f024a321cab8aff"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 206, 0

GET
H2 200 spa-detector.20240613-38-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 18ms
18ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20240613-38-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/usatodaydemo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c556f9d3641830200b35038bf7df0f8485602111032cc186fc35d912dd63eee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Origin: https://cytuk.qrehans.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: APWM7o746A3vkro4I6NARwrOPlm5ZKfq
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:38 GMT
x-amz-request-id: 2BK0R5Y1FP48J0N2
age: 5352
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 781
x-amz-id-2: yECVlJTq8y7D96zcF7khMbMz8O5WXJ41CzcgORSa0GIYzFKC9nO+WtQenQ8VsXKsgvxSMSCf7n8=
x-served-by: cache-bru1480046-BRU
last-modified: Sun, 16 Jun 2024 15:35:22 GMT
server: AmazonS3
x-timer: S1718557598.124655,VS0,VE0
etag: "a16357c31dbfcfc39310562f9f44a36c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 20
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 605

GET
H2 204 supply-feature
am-trc-events.taboola.com/usatodaydemo/log/3/ 0
231 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/3/supply-feature?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A06%3A38.113&id=5508&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 16 Jun 2024 17:06:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/usatodaydemo/log/3/ 0
231 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/3/abtests?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1718557598114%7D&tim=19%3A06%3A38.114&id=4470&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 16 Jun 2024 17:06:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/usatodaydemo/log/3/ 0
231 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/3/supply-feature?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A06%3A38.115&id=6793&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 16 Jun 2024 17:06:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/usatodaydemo/log/3/ 0
231 B 17ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/usatodaydemo/log/3/abtests?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1718557598116%7D&tim=19%3A06%3A38.117&id=4544&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 16 Jun 2024 17:06:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f63ef78fcc7646c3c5ccf1596cdaa893120f8f417924707d1b7816be1fabff91

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbf62b3d96ab46c2c2c67edec16aca51b6534f8996b6bd8b64182bace59058a7

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 511f127a1868984cf9d3d9545da20d1c43222d656515a2ee13737a38ba30c791

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f03395cf944cf755a4be137fb7d0f1d5da26c52ac33fab166b2a3f17b0bf80a5

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 361 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9abf80d3a46582afb816fc2d86bee64132a685e2dc828c7609403d4e6497e1bd

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 apply-shim.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 10 KB
5 KB 142ms
141ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/apply-shim.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70dac0bff0be690d0fe75181a06e3bc54c470c8491cc9a32e5cf89f5ed9b0179

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 4252
x-served-by: cache-iad-kiad7000113-IAD, cache-iad-kiad7000113-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557598.156826,VS0,VE123
etag: "8d4108ef1d5493eee40467d1e426a693"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f483a1933a571853edb373ea40fbd8b18d8cd0de0d9f76e9467141da414fcc92

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5438244d57a2d3f821c38f0d3331c123567c53325cf995beab127b76966c8f7c

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3b7067f00f9a2ac16d847bc12270871523004cf1ac09aa959d0df310070000a

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8cad28ce143fab883fb3bf04b6ed87e7de84102b2b44c86a60804f82bac8580

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3854294ad0231749f307027820af7903f60f7410054c953cac1f527115daaa2a

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c594a209fcffcfcfa1e70062f7e7ead35bbd20b78e18f1c0d6e8e2ef2de8256e

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 20 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a920c91de5db43e6f6634e5f757541141a31117fd881c848647671fbda83602b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 13 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b56346abd8ac9a16c8ed3e5723ea0eeed3d8b3a6c0abf035f3f1623994aa75b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 19 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c53441d1a937468383d786be79d2e01bdd99af37634a2d883f6d58c8219a79d

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 99 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cf78114dc98e5c4843b6e78e6f34758a7864dbd8d14f1db0f2e8090072f1c17

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d91883b892841e5140d97e18ed26a8a0f04c27a644f00104655dc94e5d3c13c

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06103ce43485e865bcb6abc55ff75342dbf58c6e2ec94315ca3057a58e8f6a51

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 30 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a73c999d28afd2be114b8c3c0de7c8fc46d07f92213320673f542421aafc149d

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 070af9b9cc3a83f9b6ae9238e6d1fef9f1fb840d73b65f65c2a4328fc4e7c729

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 26 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72594b51b5aee1db06bcda724589ef3d75796bbc9a13abc74e5533b4b06315e5

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20ba49665bf99f2cc5e23e68536c23ac981329935e9a98f2efca647e1acd8ca3

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4295341928984eb4a9fe7ebbcb81c91d9f5a56a029a698795b808fdb4f90a6fc

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 371dbda9619cf12162b68749c76b9e9b1692dad84bba175d5718072ae674c559

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d17f02f855e44c5671557aeea54a29281875098b13c42805020ff577f8a5972

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 480 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec39b01c46403315b367713b3d38cc5d6ca4375401e0d39e7b38c435fc8327ff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c77f75f30b8fe3e4a803cb54aed45d1f12f364a03b221240cd77a0abbff6a2ca

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77f9a1daae58a71c8f58a083690750198203b29d049e67389859009979d8a8c1

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71e240fc2794b33d8dcb0b5d17ebb19fd9a69c717a1854fa6f4296cd3c9579b7

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4832ef08e9658a2aeb523553ac23a657ed8e554a07690e243424390fe797868a

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 36 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9abff9995a7362f7796c37d841691e11d27d833726af171353c6d270ea7302ec

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 19 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5a60a7fff5518b6f07c00d792f50771c5a87d0a876aa533fabfe8890b6cab95

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e07224f1f0b0cd61cba9e38292bb340d553bbaa9a35060f1a194166b53982390

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7da034b7466483840babbef96244488c66aaff1d3caf75815525324194c817e0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 24 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f01ef19df758793f58a530b555cc3b838cead0d6730d54cc26ccf168f69d936

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f24e10919a1f2cc958f78a95f5980b701a7348bf067c2f063823a4efb4184b90

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94bc6474b905706b2f431231534a5f21557716c3be68238a5c7d6f3f5c1a956d

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b016f0834f6fe219f0a3483029b57170b8b4ff9841b0224d5325b7f8cee1e6f1

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 939 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9484f035f77fcc2a4d231a271e0ba3f8a40dafbf2c1efc5f41f9a95f54a2a613

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 25 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 922dea847dca89758d2c87751a24d057bff5a13e08e16c1ee2c397c57e2b7ca2

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 376710062084ea2165061850fd4e1b66fac2191a1c7f003acd1b9f98dfe4068b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 13 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fc652db51c181fa1ae056ffde2443db9bce4f6ed0e7c1bd84412235dba2204

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fa26cb73d6d9fe8a70881f90b76deea23af087bfabe86f43b98f6739f0a6622

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 314 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb62b2b321adf59e57b4fe1ac5e1fdcaf7ab8efed640a528c0bb0ab15ab09289

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 14 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f12a7e83b53174324fb3ac6b4851779470b088584f3d4349eb66bdf2c2222de

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 15 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efc3a7ac965ff7be8e6d03a67307eecd8b48a564a98dfd853fe03a8e1d702f78

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 intl-messageformat.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/intl-messageformat/dist/ 16 KB
5 KB 135ms
135ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/intl-messageformat/dist/intl-messageformat.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e631f1c56b5510adac402270a3a80f7167fa6638124ed750ce16c744a5c1dadf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 5013
x-served-by: cache-iad-kcgs7200052-IAD, cache-iad-kcgs7200052-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557598.349378,VS0,VE117
etag: "7399b33d4036b8fbaf5e7c780923501e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f75181e1a1c64f818084a3ec430594411c68db51959008f6e25da7236a02a7e

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40ee3b544054d51e1641034e4336492eefe2d2c063a370ed11d4970ae6423eca

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44c92f78e9c922a19975b0d15fc19ebf609b0d61f9fa6366bc1647c3e45f6981

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1f61e9ba17a692d70e92eae847d1ed6133faa72178e5204a30e2c5a298fd1b6

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f927c2faf7ebe9fe3e39e541b98c715c285069883b498f2ebe045cc08550f2cf

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 847 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08deecbce56cfb8222d8b2f89d9ba7fb6abc73c11c250815ed6d7eacfc0a48d5

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c19cec2f3dea3367716a38b3abbbb6365239c7b9223ac60943534a7c91b7cb75

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afdc79461c1c0d89f26dec49f951fd5a0c2c09e52802155c85ed03105482d93d

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceb3a4d76bb48c8327d82eeba9946114a5dd980d44aa339001493375199c898a

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 27 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11392ca5b4fca00e3ddb62937fbfa74557dba5c5685b3d4939649a680c06656c

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 999df1df8580b45ecba301e86bbfe103af61e13331bb8b765c26f47135cb8668

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 28 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd64ae157392a9241b2102acdf063d837b1c44ec39ae259dc32c2c215df57f9c

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK a-01aa
i.liadm.com/s/c/ Frame E67B 0
0 432ms
111ms Document
text/html 52.5.81.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-01aa?duid=f1ebb61b416b--01j0h07qzyzssf3cfaja1f97er&euns=0&s=&gpp_s=DBABBg~BUoAAAKA.QA&gpp_as=8&version=v2.14.3&cd=.qrehans.com

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01aa.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.81.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-81-134.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 692
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Jun 2024 17:06:38 GMT
Request-Time: 11
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1304fd03c5abacb5d5bd8fe8a03f6f2a725b05f268b69cdee74bbb84557e5779

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 46 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 071b529cc93e0745d5fe2e03571e0817479878e2d51006281658a6232b3b5dd0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 8029093b-3ed7-43bf-be9d-153c9ecf1b9b-VPC_PBJ_NUTRITION_DESK_THUMB.jpg
www.gannett-cdn.com/presto/2021/10/22/USAT/ 39 KB
39 KB 103ms
103ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2021/10/22/USAT/8029093b-3ed7-43bf-be9d-153c9ecf1b9b-VPC_PBJ_NUTRITION_DESK_THUMB.jpg?height=576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

90fea27d2574536c9c0e775e725d3d74846d0ea749019a0ff799106b572b756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by: vpop-kiad7010231
age: 695959
x-cache: MISS, HIT, MISS
fastly-stats: io=1
content-length: 39460
etag: "TRwyKGEdi/788H15LUi6xtqyjnliBvvTjtdkNCRisTc"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-checksum-crc32c: uighmA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 2, 0

POST auction
www.usatoday.com/pbd/openrtb2/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
357 B 42ms
42ms XHR
text/javascript 18.239.88.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fcytuk.qrehans.com%2F&pid=cpcvyVaTgX6Qd&cb=6&ws=1600x1200&v=24.610.1703&t=1800&slots=%5B%7B%22id%22%3A%22videoSlot1%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&gpp=DBABBg%7EBUoAAAKA.QA&gpp_sid=%5B8%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.88.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-88-34.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Ifpoomk_hmzX9MnX_8b0aXuN0hf_RYaDs93imIi2vVpU_AFAGRY2hw==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 402 KB
138 KB 127ms
59ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/mixins/video-utils.html.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc6f944ee53b7874d4811c2365cb731b1c48a71fc99a28b9dd592c96a4a05bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141204
x-xss-protection: 0
expires: Sun, 16 Jun 2024 17:06:38 GMT

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ 19 KB
7 KB 25ms
25ms Script
application/javascript 2600:9000:223f:5600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/mixins/video-utils.html.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 01:44:32 GMT
x-amz-version-id: 4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 228127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Jul 2021 19:25:58 GMT
server: AmazonS3
etag: W/"8ec0c211dda60907ae57f46e621bc794"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: xI1YT8cdwR12Om_K8qCIciodqK068wuTwHhB4LOsJ9faepSeVzdsYg==

GET
H2 200 streamsense.5.1.1.160316.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/comscore/ 88 KB
17 KB 180ms
180ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/comscore/streamsense.5.1.1.160316.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 17073
x-served-by: cache-iad-kcgs7200103-IAD, cache-iad-kcgs7200103-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557599.581710,VS0,VE147
etag: "e45d02b3a1ae14b100739115b12fcda8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 hls@0.8.9.light.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/hls/ 166 KB
49 KB 157ms
156ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/hls/hls@0.8.9.light.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/mixins/video-utils.html.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd2cd8ef74975ca9c35d691765ff028c6f91410a5d426d36c9aa439cfa893be8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 49496
x-served-by: cache-iad-kcgs7200107-IAD, cache-iad-kcgs7200089-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557599.585984,VS0,VE139
etag: "f7d1c3ede971ad1ef90faabf06aeaab2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 8029093b-3ed7-43bf-be9d-153c9ecf1b9b-VPC_PBJ_NUTRITION_DESK_THUMB.jpg
www.gannett-cdn.com/presto/2021/10/22/USAT/ 76 KB
76 KB 121ms
121ms Image
image/jpeg 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2021/10/22/USAT/8029093b-3ed7-43bf-be9d-153c9ecf1b9b-VPC_PBJ_NUTRITION_DESK_THUMB.jpg?quality=50

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/media-video.html.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4dd82c30df09e7ef19a2f4c059fe750ea8d363ff0e2ac8c554d4a4bdd84188fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by: vpop-kiad7010231
age: 1932486
x-cache: MISS, HIT, MISS
fastly-stats: io=1
content-length: 77332
etag: "6md1S8NzAYJlGysmOVH+zYd0IneuVW0F6jQfMZN++B8"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-checksum-crc32c: uighmA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 27, 0

POST
H2 200 prebid-event
traxex.gannettdigital.com/ 0
0 113ms
113ms Fetch 34.149.193.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://traxex.gannettdigital.com/prebid-event

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.193.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.193.149.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 google
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
97 B 24ms
23ms Ping
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?tvi2=16822&tvi50=17350&route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3811
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557599.596702,VS0,VE5
content-type: image/gif
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 review-mode
trc.taboola.com/usatodaydemo/log/3/ 0
291 B 23ms
23ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/usatodaydemo/log/3/review-mode?route=AM:AM:V&tvi2=16822&tvi50=17350&lti=deflated&ri=8e8f47265271828f8abf3aace4bae8e8&sd=v2_f5c87b7bf2bec3862ce1476cf670c119_9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d_1718557597_1718557597_CNawjgYQkAkYxb-PkIIyIAEoATChATiX6gtAnZcQSOjO2gNQ____________AVgAYABo4uPVg8u34P65AXAA&ui=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&pi=/&wi=7649520996842755608&pt=text&vi=1718557597637&tim=19%3A06%3A38.589&id=8130&llvl=2&cv=20240613-38-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 5
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3809
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557599.596508,VS0,VE5
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 112ms
67ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js?cb=31084605

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

528d6442ed3163fb9323c1b6c2bda10dff87c8c4fe1abc3d49d85503b402c6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12623
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 336 KB
35 KB 274ms
238ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3617989113722818&correlator=1099136909885561&eid=31079957%2C31084574%2C31084605%2C44777900%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406130101&ptt=17&impl=fifs&ltd_cs=1&tfcd=0&gpp=DBABBg~BUoAAAKA.QA&gpp_sid=8&iu_parts=7103%2Cusatoday%2Chigh_impact%2Clifestyle%2Chealth%2Cnative-article_link%2Cleaderboard_btf%2Cposter%2Cposter_scroll&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F5%2F3%2F4%2C%2F0%2F1%2F6%2F3%2F4%2C%2F0%2F1%2F7%2F3%2F4%2C%2F0%2F1%2F8%2F3%2F4%2C%2F0%2F1%2F8%2F3%2F4&prev_iu_szs=970x250%7C970x90%7C970x66%7C970x60%7C728x90%7C1x2%7C1000x250%2C320x50%7C300x250%7C3x3%7C640x360%7C1x1%2C728x90%2C300x250%7C300x600%7C300x725%2C300x250%7C300x600%7C300x1050%2C300x250%7C300x600%7C300x1050&fluid=0%2Cheight%2C0%2C0%2C0%2C0&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1718557598711&lmt=1718557598&adxs=315%2C-9%2C436%2C285%2C-9%2C-9&adys=212%2C-9%2C4960%2C416%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C1%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&url=https%3A%2F%2Fcytuk.qrehans.com%2F&vis=1&psz=1080x-1%7C0x-1%7C1600x110%7C350x656%7C0x-1%7C0x-1&msz=1080x-1%7C0x-1%7C1600x110%7C350x267%7C0x-1%7C0x-1&fws=0%2C2%2C0%2C512%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1718557596510&idt=965&prev_scp=nsf%3Dparamount%252Cparamount-21_9%252Cmomentum%26position%3Dhigh_impact%26adCount%3D1%252Cuw-1%26features%3Dnoautoplay%26amznbid%3D2%26amznp%3D2%26hb_ap%3D0.01%26hb_bidder%3Dtaboola%26hb_adid%3D173b88a42011773f%26hb_size%3D970x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_ap_id%3D7599891%26id%3Dcaff4b40-2c02-11ef-b476-0a02208adadf%26vw%3D40%26grm%3D40%7Cnsf%3Dparamount%252Cparamount-16_9%26position%3Dnative-article_link%26adCount%3D1%252Cuw-1%26features%3Dlazy%252Coutstream%252Cnoautoplay%26amznbid%3D2%26amznp%3D2%26hb_ap%3D0.03%26hb_bidder%3Dtaboola%26hb_adid%3D1773a4d1635c661f%26hb_size%3D640x360%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_ap_id%3D7599891%26id%3Dcaff4bda-2c02-11ef-b79a-0270abae1617%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%7Cposition%3Dleaderboard_btf%26adCount%3D1%252Cuw-1%26features%3Dautorefresh%252Cnoautoplay%26amznbid%3D2%26amznp%3D2%26id%3Dcaff7240-2c02-11ef-a11a-0a6e537883e3%7Cposition%3Dposter%26adCount%3D1%252Cuw-1%26features%3Dautorefresh%252Cnoautoplay%26amznbid%3D2%26amznp%3D2%26hb_ap%3D0.02%26hb_bidder%3Dtaboola%26hb_adid%3D17523285157c6695%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_ap_id%3D7599891%26id%3Dcaff72f5-2c02-11ef-b54c-0a6d20ac7927%26vw%3D40%2C50%2C60%26grm%3D40%2C50%26pub%3D40%7Cposition%3Dposter_scroll%26adCount%3D1%252Cuw-1%26features%3Dlazy%252Cautorefresh%252Csticky%252Cnoautoplay%26amznbid%3D2%26amznp%3D2%26hb_ap%3D0.01%26hb_bidder%3Dtaboola%26hb_adid%3D17430416393183f9%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_ap_id%3D7599891%26id%3Dcaff4c11-2c02-11ef-b5b7-02d033028251%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%26pub%3D40%2C50%2C60%7Cposition%3Dposter_scroll%26adCount%3D2%252Cuw-2%26features%3Dlazy%252Cautorefresh%252Csticky%252Cnoautoplay%26amznbid%3D2%26amznp%3D2%26hb_ap%3D0.01%26hb_bidder%3Dtaboola%26hb_adid%3D17618518416717ed%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_ap_id%3D7599891%26id%3Dcaff4b33-2c02-11ef-8db7-02009f3bdc9d%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%26pub%3D40%2C50%2C60&cust_params=privacy%3DNA%26aam_props%3Duniversal%257Cdesktop%257Cstory%2520pages%26aic%3Di_2%253AHM%252Ci_6%253AL%252Cfs_y%253AHML%252Ca_4%253AHML%252Ced_cg%253AL%252Cms_m%253AL%252Cho_r%253AHML%252Ci_2%253AHML%252Cjs_ic%253AL%252Cem_m%253AH%252Ci_6%253AM%252Ca_5%253AM%252Ced_ad%253AM%252Ci_5%253AHM%252Cem_m%253AM%252Cfs_n%253AHM%252Cem_se%253AHM%252Cms_m%253AHM%252Cem_se%253AHML%252Cfs_y%253AL%252Ced_gs%253AHM%252Ced_hs%253AHML%252Cem_ue%253AHML%252Ci_6%253AHML%252Ca_5%253AHML%252Cem_ue%253AL%252Cjs_ic%253AHML%252Ca_5%253AHM%252Cem_m%253AHM%252Cms_s%253AHM%252Ci_5%253AL%252Cg_F%253AHML%252Cfs_n%253AM%252Cg_F%253AM%252Cg_F%253AL%252Ci_4%253AHML%252Cjs_ic%253AM%252Ced_gs%253AHML%252Ci_4%253AM%252Cem_rt%253AHML%252Cjs_dir%253AHM%252Ci_2%253AM%252Cem_m%253AHML%252Cjs_ic%253AHM%252Ci_5%253AM%252Ced_ad%253AHML%252Ced_ad%253AHM%252Ca_2%253AM%252Ced_hs%253AHM%252Cms_s%253AHML%252Ca_2%253AHML%252Ca_2%253AHM%252Ca_4%253AM%252Cms_m%253AHML%252Ced_gs%253AM%252Cem_rt%253AM%252Cem_rt%253AHM%252Ci_5%253AHML%252Cem_ft%253AM%252Cem_ft%253AHM%252Cg_M%253AL%252Cho_r%253AM%252Cjs_dir%253AM%252Ca_6%253AHML%252Cem_ft%253AHML%252Ci_4%253AHM%252Ced_hs%253AM%252Cms_m%253AM%252Cg_F%253AHM%252Cho_r%253AHM%252Ca_6%253AHM%252Ced_hs%253AL%252Cfs_n%253AHML%252Cjs_dir%253AHML%252Ca_4%253AHM%252Cg_M%253AHML%252Ced_cg%253AHML%252Cho_r%253AH%252Ca_6%253AM%252Cms_s%253AM%252Cem_se%253AM%252Ci_2%253AH%252Ci_6%253AHM%26alerttype%3Dnone%26build%3DDigital%2520Renovation%26content_category%3Dhealth%252Cnutrition%252Cfood-drink%252Cfood-drink%252Ccooking-recipes%252Chealthy-eating%26contentid%3D11758541002%26cst_section%3Dlifestyle%26cst_subsection%3Dhealth%26features%3Dnoautoplay%26navigationType%3Ddirect%26origin%3DUSA%2520TODAY%26pageType%3Dstory%26property%3Dusat%26sitepage%3Dusat%252Flife%252Fhealth-wellness%26ssts_section%3Dlife%26ssts_subsection%3Dhealth-wellness%26subsection%3Dhealth-wellness%26topic%3Dhealthy%252Clifestyles%252Cdiet%252Cand%252Cnutrition%252Cnew%252Cyork%252Cuniversity%252Cto%252Cthe%252Cpoint%252Cseo%252Cwellness%252Cjust%252Ccurious%252Coverall%252Cpositive%252Cnutrition%252Cfood%252C%252Cdrink%252Chealthy%252Ceating%252Chealthy-lifestyles%252Cdiet-and-nutrition%252Cnew-york-university%252Cto-the-point%252Cseo-wellness%252Cjust-curious%252Coverall-positive%252Cnutrition%252Cfood-drink%252Chealthy-eating%26variant%3Dad-control%26ss%3Da%252Cnon%26user_traits%3Dcdl_none%26utm_props%3D%257C%257C%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_UNSCORED_PG&adks=3821755%2C3123628857%2C1247025751%2C4054224804%2C4190308224%2C2789290514&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js?cb=31084605

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

24fb2fd7741936d841da2d696277529b18347a2cdcab81d138c07bfd6f36e60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35901
x-xss-protection: 0
google-lineitem-id: -2,6737929574,-2,6696889610,6693866043,6737929574
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138478536613,-2,138469914919,138469336631,138478536607
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0698c99672e8649c1c16907a6665e5d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 634C 0
0 119ms
32ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0698c99672e8649c1c16907a6665e5d7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js?cb=31084605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 17:06:38 GMT
expires: Sun, 16 Jun 2024 17:06:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1080p_30fps,720p_30fps,480p_30fps,master.m3u8 Show response
hlsmedia.gannett-cdn.com/authoring/video-renditions/9a1ad7b7-53dd-4415-ba37-151f0a6cde02/aa33a79f-686d-4860-ae98-b5b29c4aee83/ 550 B
889 B 131ms
125ms XHR
application/x-mpegurl 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsmedia.gannett-cdn.com/authoring/video-renditions/9a1ad7b7-53dd-4415-ba37-151f0a6cde02/aa33a79f-686d-4860-ae98-b5b29c4aee83/1080p_30fps,720p_30fps,480p_30fps,master.m3u8
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/hls/hls@0.8.9.light.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: otfp /
Resource Hash: 9c8d3ff1abda25f3c29f8f39f2e3a7ee78888be513dbc59f9d937e4b620cec5e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000124-IAD, cache-bru1480055-BRU
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
server: otfp
age: 0
x-timer: S1718557599.778415,VS0,VE105
etag: "g8tUVO5iDD2rw_FZ7ionXSuczjgX_RGGap4QFfDdqCd4l2XkAvbzNuDI2XGgdx9QSgdNWkFTn_s1PKRs0ZGvonHYMjY3XMBAMew11ijByvp9u3dPYHz2Cs7S2f8_IHJGAoc6fv3PohE"
x-cache: HIT, MISS
content-type: application/x-mpegurl
access-control-allow-origin: *
fastly-stats: otfp=1
accept-ranges: bytes
content-length: 550
x-cache-hits: 2, 0

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bfc4ebfae3cd45e9e8783fd9178b7487078df7c8daa5a302b39892851a38925

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d323fec68985c079963ffe8b65f8abf4428940b03a97295e0e4eaa1299f95315

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 VisitorAPI.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/adobe/ 45 KB
15 KB 225ms
225ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/adobe/VisitorAPI.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b2a585166a344d389abbdb93478b3fed0a2345055db2c81af069496fd63b809

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 14859
x-served-by: cache-iad-kjyo7100078-IAD, cache-iad-kjyo7100096-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557599.778272,VS0,VE206
etag: "7f747e4596031c99cdecf0c3207938d0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 158ms
89ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406130101/pubads_impl.js?cb=31084605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 17:06:38 GMT

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 15 B
40 B 58ms
55ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fcytuk.qrehans.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
x-xss-protection: 0
expires: Sun, 16 Jun 2024 17:06:38 GMT

GET
H2 200 bridge3.646.1_en.html
imasdk.googleapis.com/js/core/ Frame 53ED 0
0 120ms
56ms Document
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.646.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 25675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 256657
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 09:58:43 GMT
expires: Mon, 16 Jun 2025 09:58:43 GMT
last-modified: Thu, 13 Jun 2024 15:32:15 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 139ms
64ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 17:06:38 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DA9E 40 KB
14 KB 147ms
48ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13943
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 16 Jun 2024 17:28:03 GMT

GET
H2 200 720p_30fps.m3u8 Show response
hlsmedia.gannett-cdn.com/authoring/video-renditions/9a1ad7b7-53dd-4415-ba37-151f0a6cde02/aa33a79f-686d-4860-ae98-b5b29c4aee83/ 392 B
571 B 102ms
102ms XHR
application/x-mpegurl 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsmedia.gannett-cdn.com/authoring/video-renditions/9a1ad7b7-53dd-4415-ba37-151f0a6cde02/aa33a79f-686d-4860-ae98-b5b29c4aee83/720p_30fps.m3u8
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/hls/hls@0.8.9.light.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: otfp /
Resource Hash: 3e17a9f835db99b61f695a9562521f2f898fef05a8577830e59fd90c0f3a4a86

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100153-IAD, cache-bru1480055-BRU
date: Sun, 16 Jun 2024 17:06:38 GMT
via: 1.1 varnish, 1.1 varnish
server: otfp
age: 0
x-timer: S1718557599.904973,VS0,VE84
etag: "7DKi43psb3xBcLaJF-MvHvWeiWyzmx-6Ud68v4hGVD-WaHK0ru9aamtaO5-fy7Dteo4PAOifNVTOJOS4BtwBmaq3Ng"
x-cache: HIT, MISS
content-type: application/x-mpegurl
access-control-allow-origin: *
fastly-stats: otfp=1
accept-ranges: bytes
content-length: 392
x-cache-hits: 303, 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 01D6 0
0 75ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 14177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 13:10:22 GMT
expires: Mon, 16 Jun 2025 13:10:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AppMeasurement.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/adobe/ 36 KB
14 KB 145ms
143ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/adobe/AppMeasurement.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

45fc508b1a25044da69ef0ee94a3494343002a04ed99d4708c39baa80eb33948

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:39 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 13946
x-served-by: cache-iad-kjyo7100136-IAD, cache-iad-kjyo7100076-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557599.014497,VS0,VE124
etag: "388971df5c9dc10d7edabf1fbdadccea"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 720p_30fps-1.ts Show response
hlsmedia.gannett-cdn.com/authoring/video-renditions/9a1ad7b7-53dd-4415-ba37-151f0a6cde02/aa33a79f-686d-4860-ae98-b5b29c4aee83/ 2 MB
2 MB 111ms
111ms XHR
video/mp2t 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsmedia.gannett-cdn.com/authoring/video-renditions/9a1ad7b7-53dd-4415-ba37-151f0a6cde02/aa33a79f-686d-4860-ae98-b5b29c4aee83/720p_30fps-1.ts
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/hls/hls@0.8.9.light.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: otfp /
Resource Hash: 3567c89d19f9c77a0152b1de7e89ff3bd88ead1e1004870646f484c432a1605b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000169-IAD, cache-bru1480055-BRU
date: Sun, 16 Jun 2024 17:06:39 GMT
via: 1.1 varnish, 1.1 varnish
server: otfp
age: 0
x-timer: S1718557599.022692,VS0,VE88
etag: "w9vVfDdn50iezzvAFqWxghSzIi6rZXFBVlTE28dVgWujisb-T1wtBNmpd7tTnrabcQ7Dwa10uPPhby896quSn9XdlQ"
x-cache: HIT, HIT
content-type: video/mp2t
x-fastly-otfp-info: ss=0.000 sl=6.006 vl=53.187 rs=720x720
access-control-allow-origin: *
fastly-stats: otfp=1
accept-ranges: bytes
content-length: 2045816
x-cache-hits: 104, 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame A501 0
0 86ms
86ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstW8l8VvUWe9CMr7ADz8WzPlaFRwo7ZRXXsM9TRWluLNp2OlUWkAaA-Rz9rD_dBJk_Db4_dnnGn_dapH4mpvveRqGZ4N39O-jXSol_qCYaDvQsm22YSgN3YXeQjsjn7-9lnTVsGp_ZVW_xoQmwg7GlqvWh96Bmb445ez28JKJzN-JGAw83PcpS9ML0uC2lQopeE3YqLrD4XlW9vqyTK6Meal3f_y53m5St4cGZDMrgemnjSADkjSM6ji74YYBZynMi6BBQRY8SkyhFUvXybfCMjP1JWkGv9ulQjtr8SA0xSdBXghdFK5Wd8m6h9qawd5Ol5C3Lpd9JWEvbXi13YCeDWnZpMek8h77bH2rfbQluBC90h4JubQlsQRAP6ckHcnNyH9gol0HYDgeHJ-qkPkm1IzV2k9gdvXVdW&sig=Cg0ArKJSzEAP30PECc0fEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240612/r20110914/ Frame A501 23 KB
9 KB 50ms
50ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240612/r20110914/abg_lite_fy2021.js

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

817d7b5ec00b950c718b53fc859bd062eb6ea1f785a55116e72ce61fcfd772e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 10:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9123
x-xss-protection: 0
server: cafe
etag: 15459922955786958548
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jun 2024 10:05:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240612/r20110914/client/ Frame A501 3 KB
1 KB 127ms
127ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240612/r20110914/client/window_focus_fy2021.js

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 01:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jun 2024 01:13:58 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A501 211 KB
64 KB 50ms
50ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1af4b04a9fb1a9a81fa7dceb938120b87e0676df404575691943b58479c6d19b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:07:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65936
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:07:41 GMT

GET
H2 200 5115864487057983539
tpc.googlesyndication.com/simgad/ Frame A501 116 KB
116 KB 24ms
24ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5115864487057983539

Requested by

Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a50e4777d8850ed0e3a9ed4d752c8c2c14f0abd7e4f7b1e2364981fde7b79c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 13 Jun 2025 07:24:40 GMT
date: Thu, 13 Jun 2024 07:24:40 GMT
x-content-type-options: nosniff
age: 294119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118570
x-xss-protection: 0
last-modified: Mon, 25 Mar 2024 21:01:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
BLOB 200
OK 75ba2af7-7863-4d05-904c-b718cdf05a4d
https://cytuk.qrehans.com/ 62 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cytuk.qrehans.com/75ba2af7-7863-4d05-904c-b718cdf05a4d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ce32b0f86a3307542f028c502c43dc8ec24b5ccfba4fb1ecb04b10383c41db0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 63827
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ Frame A501 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd958ce4bef457ecd2d75a4980a792c72a39b2ad04edfab9db41e49ff4350244

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 bulk Show response
trc.taboola.com/usatodaydemo/log/3/ 0
86 B 42ms
42ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/usatodaydemo/log/3/bulk?tvi2=16822&tvi50=17350&route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 7
date: Sun, 16 Jun 2024 17:06:39 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 3668
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-bru1480055-BRU
pragma: no-cache
server: nginx
x-timer: S1718557599.096027,VS0,VE7
content-type: image/gif
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 77ms
37ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 17:06:39 GMT

GET
H2 200 VideoHeartbeat.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/adobe/ 167 KB
34 KB 171ms
170ms Script
application/javascript 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/adobe/VideoHeartbeat.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c469acae439549a62ec68178c3d4e8962d3270f9aa9f293e57d59cf863d15c86

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:39 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 34244
x-served-by: cache-iad-kiad7000161-IAD, cache-iad-kiad7000129-IAD, cache-bru1480072-BRU
server: AmazonS3
x-timer: S1718557599.161678,VS0,VE152
etag: "f86e9e642bcb9511db9a4c9355738148"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame A501 0
0 58ms
58ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstleY9DPNmnsiOze_SNeAaN2zZl14cK7fTy29yRJxENgJS0hZ4v7UjnVdXEHxg8ZHTXbJrgqJHCIvmX1eCuIX8LHYL3Nz-JbFsuTnNa4x_GArHZJmT93bkfMSb8gJo32Z-vgsycI4vVjrT1g5Fql0lyE3YzBGn5Hk8kU4jheIZtREKadLqZHAMQuR8tikkK4PCuNSFzyaTDlrNEspKoaCRRrrBi0SdUpqrmAQMULgfIem_Rl2hhOe_5JO1070j1fn6883jycRgu-mVDjN-UPCQ7LjJqN9FF5ddG12lC1WgMkvR1eVwz-tm0kTJxfOBni64okFoQqQGfbcUCwxOzUeWv9IjiTZ3AG4tkH1djvOtwsPIHk8-345r_fL7PYl8MNl5O4plG8mhBc1Z3e76mKACyQ5GLCNEhU1lTUwg&sig=Cg0ArKJSzP1gfTX9Sky8EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A501 0
0 172ms
172ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 17:06:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame FD70 61 KB
15 KB 164ms
164ms Script
application/javascript 35.155.115.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x250&pubId=13220208&chanId=21828218001&placementId=6696889610&pubCreative=138469914919&pubOrder=3532696752&cb=953615724&adsafe_par&impId=caff72f5-2c02-11ef-b54c-0a6d20ac7927&custom2=direct&custom3=story
Requested by: Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.115.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-115-241.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5053987657138be6bd09b97884bc649b5feda6d0141ec1f21475580838589f8b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 17:06:39 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 720p_30fps-2.ts Show response
hlsmedia.gannett-cdn.com/authoring/video-renditions/9a1ad7b7-53dd-4415-ba37-151f0a6cde02/aa33a79f-686d-4860-ae98-b5b29c4aee83/ 2 MB
2 MB 105ms
105ms XHR
video/mp2t 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://hlsmedia.gannett-cdn.com/authoring/video-renditions/9a1ad7b7-53dd-4415-ba37-151f0a6cde02/aa33a79f-686d-4860-ae98-b5b29c4aee83/720p_30fps-2.ts
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/hls/hls@0.8.9.light.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: otfp /
Resource Hash: 6ed2128b83ae84e01241e80d136e82ee5cbc6832f0eb98b9fd4b3aa03b4fcf01

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000164-IAD, cache-bru1480055-BRU
date: Sun, 16 Jun 2024 17:06:39 GMT
via: 1.1 varnish, 1.1 varnish
server: otfp
age: 64735
x-timer: S1718557599.345821,VS0,VE88
etag: "vT-Y7qSVdlm6nU0Yw8L18wpFuwwEXiROspVehhTc5GwX0oc2U_i7AvF3g1WrQHJ5pl9ni2UeUz-TN-vQFkFjy4LhRw"
x-cache: HIT, HIT
content-type: video/mp2t
x-fastly-otfp-info: ss=6.006 sl=6.006 vl=53.187 rs=720x720
access-control-allow-origin: *
fastly-stats: otfp=1
accept-ranges: bytes
content-length: 2102968
x-cache-hits: 97, 0

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e086dd34744ec39dd71fcef7fd4ec29a4847a6d0dc6a362d2c1adff7a3e59c7

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 16 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf716415316dfa68c5165f5c7a4675b81e4952421cba07b7c1cd578f0d09971f

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 partner-taboola-api-media-video.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-taboola-api-media-video/ 5 KB
2 KB 146ms
146ms XHR
text/html 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-taboola-api-media-video/partner-taboola-api-media-video.html

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7dd84be45fe88777f6353bc5c87a7d431f24eecd2d34c7e696b0db89221e6907

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:39 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, MISS
content-length: 1964
x-served-by: cache-iad-kiad7000069-IAD, cache-iad-kiad7000139-IAD, cache-bru1480076-BRU
server: AmazonS3
x-timer: S1718557599.352181,VS0,VE128
etag: "88182b459f596a0dc6611325c56776c8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d110981142c4eed17687001dbc7ec6be3346f43d45f205afa0274ec791308ee5

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 main.19.8.511.js Show response
static.adsafeprotected.com/ Frame FD70 222 KB
68 KB 27ms
27ms Script
application/javascript 2600:9000:223f:5600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.511.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=300x250&pubId=13220208&chanId=21828218001&placementId=6696889610&pubCreative=138469914919&pubOrder=3532696752&cb=953615724&adsafe_par&impId=caff72f5-2c02-11ef-b54c-0a6d20ac7927&custom2=direct&custom3=story
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4177211ae6a76aaf0d782dbf3eb19d46bd1af28fee17a5ce688caecc062072fc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 01:44:31 GMT
x-amz-version-id: uqV03.6ogLSkqx_n1jI65E.EhJ6GL9GN
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 228129
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jun 2024 19:49:04 GMT
server: AmazonS3
etag: W/"b1a013da72e494ee7966fe0bd9ce6a2d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: noFs3UP4bUWD9bFyIemyBxMJxPj3sSXf9tJNBMnOuQUYmlmfvUQyvA==

GET
H2 200 jsdiagnostic
pixel.adsafeprotected.com/ 43 B
198 B 175ms
174ms Image
image/gif 35.155.115.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:922805&sessionId:545e9f03-11c1-e569-46eb-e55479d126f6&err:responsetime%3A604%26probability%3A10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.115.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-115-241.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 16 Jun 2024 17:06:39 GMT
cache-control: no-cache
server: Apache-Coyote/1.1
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame 41CC 91 KB
23 KB 27ms
27ms Script
application/javascript 2600:9000:223f:5600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: cytuk.qrehans.com
URL: https://cytuk.qrehans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 01:44:31 GMT
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding: gzip
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 228129
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 May 2024 16:44:02 GMT
server: AmazonS3
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: BAoo7sBsIJb1sgD6DGI3qcnXaUYe1XX3DByNcWp-nkg9jy7s68uJiQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
198 B 174ms
174ms Image
image/gif 35.155.115.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=922805&campId=300x250&pubId=13220208&chanId=21828218001&placementId=6696889610&pubCreative=138469914919&pubOrder=3532696752&cb=953615724&adsafe_par&impId=caff72f5-2c02-11ef-b54c-0a6d20ac7927&custom2=direct&custom3=story&adsafe_url=https%3A%2F%2Fcytuk.qrehans.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:ef5b7226-2889-3042-bdf5-84eacfefc0f1,c:fOTlpn,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-d76dc8bd4-x2gbb,rg:or,pt:1-5-15,wc:1090.1090.1600.1200,ac:1374.1506.300.250,am:i,cc:1374.1506.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:79,mot:0,app:0,maw:0,tdt:s,fm:ufSIy40+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1c%7C1d*.922805%7C1d1,idMap:1d*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:97,oid:cbd008b7-2c02-11ef-a749-964773b27beb,v:19.8.511,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.155.115.241 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-155-115-241.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 16 Jun 2024 17:06:39 GMT
cache-control: no-cache
server: Apache-Coyote/1.1
content-length: 43
p3p: CP="COM NAV INT STA NID OUR IND NOI"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
217 B 319ms
99ms Image
image/gif 2600:1f18:1aca:4280:1ba5:6bde:5c8e:bd09
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=ef5b7226-2889-3042-bdf5-84eacfefc0f1&tv=%7Bc:fOTlpX,pingTime:-2,time:133,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:330,beZ:331,mfA:409,cmA:410,inA:410,inZ:413,prA:413,prZ:422,si:427,poA:428,poZ:437,cmZ:437,mfZ:437,loA:443,loZ:445,ltA:463,ltZ:463,mdA:331,mdZ:385%7D%7D,sca:%7Blts:2024-06-16%2019.06.39,dfp:%7Bdf:4,sz:300.250,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:97%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:133,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:97,wc:1090.1090.1600.1200,ac:1374.1506.300.250,am:i,cc:1374.1506.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ufSIy40+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1c%7C1d*.922805%7C1d1,idMap:1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:97,slid:%5Bgoogle_ads_iframe_/7103/usatoday/poster/lifestyle/health_0,google_ads_iframe_/7103/usatoday/poster/lifestyle/health_0__container__,partner-poster-5-container,partner-poster-5,aux%5D,sinceFw:35,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1ba5:6bde:5c8e:bd09 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 17:06:39 GMT
server: nginx
x-server-name: dt82.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 289ms
101ms Image
image/gif 2600:1f18:1aca:4280:1ba5:6bde:5c8e:bd09
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=ef5b7226-2889-3042-bdf5-84eacfefc0f1&tv=%7Bc:fOTlqt,time:165,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:165,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:97,wc:1090.1090.1600.1200,ac:1374.1506.300.250,am:i,cc:1374.1506.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ufSIy40+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1c%7C1d*.922805%7C1d1,idMap:1d*,rmeas:1,rend:1,renddet:IMG.qs,siq:97%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1ba5:6bde:5c8e:bd09 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 17:06:39 GMT
server: nginx
x-server-name: dt56.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 101ms
101ms Image
image/gif 2600:1f18:1aca:4280:1ba5:6bde:5c8e:bd09
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=922805&asId=ef5b7226-2889-3042-bdf5-84eacfefc0f1&tv=%7Bc:fOTlui,pingTime:-10,time:402,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1718557599921%7C%7C58964fb781083dea2a8c7c640bdaba09%7C%7Cf1f6b29a6cc1f79a0fea05b885aa33d0%7C%7C76973ad6a3707207fd96b9640831fdfc%7C%7C07c96569b37d2bc97f615584538f1684%7C%7Cb74ef9b6a10e798eae8ee441971479bb%7C%7Cfafb1ff5d7a6c09657e2a7e97623a741%7C%7Cb7d5f620046619757d18f50fbaee8b7b%7C%7C1715618633%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1ba5:6bde:5c8e:bd09 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 17:06:39 GMT
server: nginx
x-server-name: dt50.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 18ms
18ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 17:06:40 GMT
x-amz-request-id: MFM3ST99K4GA82Z2
age: 931
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: xJdpYBRlj5CxhHM90mZ2A/SIY4c6QrI2iEZXa/q1Gcx0/YiLG62Ee7Dfj6lNzTkvuMCXwsoNjc8=
x-served-by: cache-bru1480055-BRU
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1718557600.076192,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 52
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 825

GET
H2 200 / Show response
pips.taboola.com/ 4 B
123 B 24ms
17ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-bru1480046-BRU
date: Sun, 16 Jun 2024 17:06:40 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://cytuk.qrehans.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 279ms
89ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=9d216d1c-2e25-4740-b4c9-908ec0d81a32-tuctd68a11d&ptf=V2luMzI=&ptfv=MTAuMC4w&ufv=MTI2LjAuNjQ3OC42MQ==&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTI2&bnd=Tm90OkEtQnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTI2&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 16 Jun 2024 17:06:40 GMT
cache-control: no-store
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A501 42 B
65 B 176ms
175ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswr0BKVyIE3aOtOiaZEWwYDV0O_k8YbVffqXYiDM-iy7H0gVIIpL46NO0NJQ_0-v_rfbzp1M2b4mW5AxE-6c1HLRhR0NpeiV4THRQkMDZ2oYQhRcJUGkihNFR_BTF0bG53LJ3De_-qrmQvR6Tz2dMdCVaxzwJOI1a8rngJoZMNMGU&sig=Cg0ArKJSzIdKRZQ0VGTIEAE&id=lidar2&mcvt=1000&p=415,284,665,584&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240612&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4054224804&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&vs=4&r=v&co=1449039900&rst=1718557599019&rpt=166&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 17:06:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 3BB4 0
0 48ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=cytuk.qrehans.com&gpp=DBABBg~BUoAAAKA.QA&gpp_sid=8

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 17:06:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 397175
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
0 0ms
0ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:39 GMT
content-encoding: gzip
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Jun 2024 17:06:39 GMT

GET
H2 200 prebid_iframe_sync.html
cdn.taboola.com/scripts/ Frame 8120 0
0 307ms
306ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/prebid_iframe_sync.html?gpp=%5Bobject%20Object%5D
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich-uw.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://cytuk.qrehans.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

abp: 33
accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: private,max-age=14400
content-encoding: gzip
content-length: 2025
content-type: text/html
date: Sun, 16 Jun 2024 17:06:41 GMT
etag: "ba0777792ce6c88cb6ac61d50f5ed420"
last-modified: Thu, 30 Nov 2023 18:35:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: Bw0bLCJn3rCRJM1O6x+Ug2a1NA9tXatntMy+6VBRCdZXYcG9aSTZYGaCvg6B3zz7lP+mVpoA5CM=
x-amz-replication-status: COMPLETED
x-amz-request-id: 8532WA5HRHFC0Q7N
x-amz-server-side-encryption: AES256
x-amz-version-id: 7Bl.XaNXVuUlHrm3kacHfal8wWJB1784
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-bru1480075-BRU
x-timer: S1718557601.779011,VS0,VE289

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
298 B 23ms
22ms Image
image/gif 18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1718557598777&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=53000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=6136799001&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1718557604553&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=5776&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=life&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=2021-10-25T11%3A59%3A08Z&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=usatoday&c4=life&c6=*null&c7=https%3A%2F%2Fwww.usatoday.com%2Fvideos%2Flife%2Fhealth-wellness%2F2021%2F10%2F25%2Fpb-j-sandwiches-classic-but-how-can-we-make-them-healthier%2F6136799001%2F&c8=Here%20are%20some%20ways%20the%20classic%20PB%26J%20sandwich%20can%20become%20a%20healthier%20meal%20option&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cytuk.qrehans.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 17:06:44 GMT
via: 1.1 5d328d2e734cff11e41c897ec72f465e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: IFBQNazOeH5kMb2a9mhiS9yxaxop6sAzIcatn0gt0bGFN1w-lqoXQg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: user.usatoday.com
URL: https://user.usatoday.com/USAT-GUP/user/

Domain: atoms.qrehans.com
URL: https://atoms.qrehans.com/atoms-configs/prod/dist/uw/USAT/control/journey.json

Domain: www.usatoday.com
URL: https://www.usatoday.com/pbd/cookie_sync

Domain: www.usatoday.com
URL: https://www.usatoday.com/pbd/openrtb2/auction

Domain: www.usatoday.com
URL: https://www.usatoday.com/pbd/openrtb2/auction

Domain: www.usatoday.com
URL: https://www.usatoday.com/pbd/openrtb2/auction

Domain: www.usatoday.com
URL: https://www.usatoday.com/pbd/openrtb2/auction

Domain: www.usatoday.com
URL: https://www.usatoday.com/pbd/openrtb2/auction

Domain: www.usatoday.com
URL: https://www.usatoday.com/pbd/openrtb2/auction

Domain: www.usatoday.com
URL: https://www.usatoday.com/pbd/openrtb2/auction

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406130101&jk=3617989113722818&bg=!vL-lv_DNAAb64txl2uI7ADQBe5WfOL9I4wvUYVVD9QwCeRkKxctn4_yxSvTHQqUYFKzRyCmaOLXfvEDZlQQ6Z4Up9FM8AgAAADVSAAAAAWgBB34ANRhGtZJBFyxVM3P32nv_TiYk_LLC0-bsT6NccjfK_tPeiSaIdMjnMp5oCvjB0qFd7N-icVrKmQKhMGo7HYaLNEYGC6aPObgfwlzwMpLI9K06Yt1suAaON1jzL3KFDuncQm_HZ7T-k2bGaXDZwUYwpvVZ4FTE6Vm1lIsSGpTwqJ02HyntnukVFJSFI1EUGN-ccqstwN4NgBDl-wb5NyK3WOVtlefe1kM4GBa7Lt6aLbYpPs_LaNMhlkSmQdWkZb3iOYEouhPIENf_dr6jI_s3ZWVpOOYSfj_KeI_k0fmaApen3qmRvTeB1gWoTeFYHG3pKEgCKsBF2NnJT4PFh7q2yL-5Ga2qzIDrbvuYLQHXVmZN8PW6D3DSyr-6xwqw1v4_zBVinrCXp2QjH3DevjzaCnEI1PUdNhDwWHxwjK_bIaA0mS8UJZAH6HwmAEnQ_udbuu3ntTZlGo2lMxIm7_gm9_MzJ3EiBADSGIDyJLro6U2XRdkg4TqSVbfkxUNHX6HtZQ3-PGaRDvgt3EkSVQV0UCE6li05ak0aL5TnBRsoVkq06XDLf3ki38oh4K0PSR1v62MUKDmOMQo6rx2bjl6mg2Vr5drTSSsegIyJGAsu4ZLRoS3MGl09zrAow4yJ4t9ywj_ZqF6TJ7hOGb4FyqvdYyMX7Llf5sc16Svzn98IYLR8EqZKJnMFeIhzLAZPVPD_TvO6DkJ1K7Psovs78C4N44SWVcYL7iF6sqZwvDRIyaPrTTD0pjsj76eEu1UqeOUmLO3fVgWULBkoUsNQwH2WHvVVGLXY3aieVoepJt6S5F5FUTQ9OVzB-SiGMzqGibyW9WwnKibqwAz5CPRnI1TUxQlm9NwK0GdX5KZw4oQNTHXTLASkkSd7ZpgV9baCCsga3Z9M-ToBoZ9ihx3nh4PwtGi1BKogeRR1RSakidNH2l9fDd9e_zL5rL2rRI7kEv7XAf9CqGr47ldT0Q

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 06:58:37	Name: lidid Value: 944b0263-8134-4e7f-baa9-dac79dee10bb
i.liadm.com/s	1970-01-20 22:05:49	Name: _li_ss Value: CjUKBQgKEJYYCgYI3QEQlhgKBgiBARCWGAoFCAwQoBgKBgiiARCWGAoGCNIBEJYYCgUIfhCWGA
.qrehans.com/	1970-01-20 21:24:03	Name: gca_lcu Value: https://www.usatoday.com/story/life/health-wellness/2023/04/28/how-eat-healthy-tips-healthiest-foods-and-unhealthy-ones-avoid/11758541002/
.qrehans.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .qrehans.com
.qrehans.com/	1970-01-21 06:58:37	Name: _lc2_fpi Value: f1ebb61b416b--01j0h07qzyzssf3cfaja1f97er
.qrehans.com/	1970-01-21 06:58:37	Name: _lc2_fpi_meta Value: {%22w%22:1718557597694}
.criteo.com/	1970-01-21 06:44:13	Name: receive-cookie-deprecation Value: 1
apv-launcher.minute.ly/	1970-01-20 21:32:42	Name: AWSALBCORS Value: Qk1Ip62VsXNkftuyUnuhrsLr8GoEUesGkAwNQM8PSikHaCQavlYDoH8BHYEE840ZlQCxWGZNDAgwLo+ODIcz2/PvZd24yUVlFmDV1ggTzN8J49PnhWO4FbCmx67H
.qrehans.com/	1970-01-20 21:24:03	Name: _gid Value: GA1.2.440034625.1718557598
.qrehans.com/	1970-01-20 21:22:37	Name: _gat_gciAnalytics Value: 1
.qrehans.com/	1970-01-20 21:22:39	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://cytuk.qrehans.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1718557597767%2C%22slts%22:0}
.qrehans.com/	1970-01-21 06:58:37	Name: _ga_QQ6YP2J211 Value: GS1.1.1718557597.1.0.1718557597.0.0.0
.qrehans.com/	1970-01-21 06:58:37	Name: _ga Value: GA1.1.1474893891.1718557597100
.qrehans.com/	1970-01-21 06:52:01	Name: _parsely_visitor Value: {%22id%22:%22pid=ff358996-8fb0-41da-b90f-032a579ce256%22%2C%22session_count%22:1%2C%22last_session_ts%22:1718557597767}
.qrehans.com/	1970-01-20 22:05:49	Name: minUnifiedSessionToken10 Value: %7B%22sessionId%22%3A%22af7d268d24-6f786e694b-cdf5e335ab-e7e62ed993-450fa2f2ae%22%2C%22uid%22%3A%22d53af470cc-cbddc20a41-2f89a0a652-cad70deebc-78bd3ec722%22%2C%22__sidts__%22%3A1718557597790%2C%22__uidts__%22%3A1718557597790%7D
cytuk.qrehans.com/	1970-01-21 06:08:13	Name: minVersion Value: {"experiment":-1292825208,"minFlavor":"Video Headlinemi-scraper-1.17.1.48.js100"}
.doubleclick.net/	1970-01-20 21:22:38	Name: test_cookie Value: CheckForPermission
.liadm.com/	1970-01-21 06:58:37	Name: lidid Value: 944b0263-8134-4e7f-baa9-dac79dee10bb
.qrehans.com/	1970-01-20 22:05:49	Name: _li_ss Value: CjUKBQgKEJYYCgYI3QEQlhgKBgiBARCWGAoFCAwQoBgKBgiiARCWGAoGCNIBEJYYCgUIfhCWGA
.qrehans.com/	1970-01-20 22:05:49	Name: _li_ss_meta Value: {%22w%22:1718557598978%2C%22e%22:1721149598978}
.turn.com/	1970-01-21 01:41:49	Name: uid Value: 6932371955398201463
.demdex.net/	1970-01-21 01:41:49	Name: demdex Value: 68215249265834258933416709410674253533
.dpm.demdex.net/	1970-01-21 01:41:49	Name: dpm Value: 68215249265834258933416709410674253533
.rezync.com/	1970-01-21 01:41:49	Name: zync-uuid Value: 432caf76-d6d4-45eb-8dbe-9e3435d6fc61:1718557599.2711327
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXByxHAIAgFwEvaITN8n9iNChaSyrP7PTCVsy6CKsrIvDeN2k3ZauoV9wRPBg93eOYrYFbBDx6Tb4Q6AAAA
.rfihub.com/	1970-01-21 06:44:13	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3sjQ1BLItgTwhPkPd4vSSkuyIzMj84nJdAB79dtUlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3sjQ1BLItgTwhPkPd4vSSkuyIzMj84nJdAB79dtUlAAAA
.rfihub.com/	1970-01-21 06:44:13	Name: eud Value: H4sIAAAAAAAA_13Iuw2AMAwFwAmoMoeR_H0J25A4GYiSkkkpkSjvrgJTGedCUEYamc9ONfukNtXUM9YIPhhc3eGt7QJmFdxl-9IEz88v7LvlbloAAAA
live.rezync.com/	1970-01-21 01:41:49	Name: sd-session-id Value: .eJwNykEOhCAMQNG7dC0mpZQKlzEKNSEzMhNxNmO8u-z-S_4F81ePfalaT4jn8dMB0rt0NYgXtPLf9QURGJ0l8mIDY-_QBfcATVsrnzqX3B9HNi2beJN9dsaxrmbKq5qg5Iiz35LHiIITs3AIoxVEsgL3A8DRJgs.Zm8bnw.hK1gGjcqlWUuvBvo2MOWTWa5BHs
.rlcdn.com/	1970-01-21 06:08:13	Name: rlas3 Value: 3HL1Lhn7ydooGJJgk+rlyytKuZAx86wwCar9SWXF2q0=
.rlcdn.com/	1970-01-20 22:49:01	Name: pxrc Value: CJ+3vLMGEgUI6AcQABIGCLbqARAA
.adnxs.com/	1970-01-21 06:58:37	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 06:44:13	Name: uid Value: 26c6ff8c-dbac-445d-be69-0f2b24829d7c
.qrehans.com/	1970-01-21 06:44:13	Name: cto_bundle Value: IEGUf19uUCUyQldhVml1R1hJaGJWZE9oTFpoQTFvWmNQRE5SMkJPVlpEckhCZEtHYTFSWUQ3MU9FWjJWdFNXYzBpckFWWGRqQm9pckRTaXFXTEVsQ1dIbFNxS0FOMDVqQWFBUERHUjNOSXVLV21HcVFKcWNhRzNNRFRFeGtqbE0xblhmempldGo2dlpBNHlIWVFaaWklMkJSTnNEUlpnJTNEJTNE

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://cytuk.qrehans.com/ Message: Access to fetch at 'https://user.usatoday.com/USAT-GUP/user/' from origin 'https://cytuk.qrehans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://user.usatoday.com/USAT-GUP/user/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://atoms.qrehans.com/atoms-configs/prod/dist/uw/USAT/control/journey.json Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://cytuk.qrehans.com/ Message: Access to fetch at 'https://www.usatoday.com/pbd/cookie_sync' from origin 'https://cytuk.qrehans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.usatoday.com/pbd/cookie_sync Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cytuk.qrehans.com/ Message: Access to fetch at 'https://www.usatoday.com/pbd/openrtb2/auction' from origin 'https://cytuk.qrehans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.usatoday.com/pbd/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cytuk.qrehans.com/ Message: Access to fetch at 'https://www.usatoday.com/pbd/openrtb2/auction' from origin 'https://cytuk.qrehans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.usatoday.com/pbd/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cytuk.qrehans.com/ Message: Access to fetch at 'https://www.usatoday.com/pbd/openrtb2/auction' from origin 'https://cytuk.qrehans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.usatoday.com/pbd/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cytuk.qrehans.com/ Message: Access to fetch at 'https://www.usatoday.com/pbd/openrtb2/auction' from origin 'https://cytuk.qrehans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.usatoday.com/pbd/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cytuk.qrehans.com/ Message: Access to fetch at 'https://www.usatoday.com/pbd/openrtb2/auction' from origin 'https://cytuk.qrehans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.usatoday.com/pbd/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cytuk.qrehans.com/ Message: Access to fetch at 'https://www.usatoday.com/pbd/openrtb2/auction' from origin 'https://cytuk.qrehans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.usatoday.com/pbd/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://cytuk.qrehans.com/ Message: Access to fetch at 'https://www.usatoday.com/pbd/openrtb2/auction' from origin 'https://cytuk.qrehans.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.usatoday.com/pbd/openrtb2/auction Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0698c99672e8649c1c16907a6665e5d7.safeframe.googlesyndication.com
a.teads.tv
aax.amazon-adsystem.com
ads.pubmatic.com
am-trc-events.taboola.com
api.gannett-cdn.com
apv-launcher.minute.ly
atoms.qrehans.com
atoms.usatoday.com
b-code.liadm.com
bidder.criteo.com
c.amazon-adsystem.com
cdn.adsafeprotected.com
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.parsely.com
cdn.taboola.com
cds.taboola.com
config.aps.amazon-adsystem.com
counter.snackly.co
cpt-static.gannettdigital.com
cytuk.qrehans.com
display.bidder.taboola.com
dt.adsafeprotected.com
googleads.g.doubleclick.net
gum.criteo.com
hlsmedia.gannett-cdn.com
i.liadm.com
images.taboola.com
imasdk.googleapis.com
p1.parsely.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.adsafeprotected.com
pm-widget.taboola.com
polyfill-fastly.io
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
s0.2mdn.net
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
snippet.minute.ly
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
topics.authorizedvault.com
tpc.googlesyndication.com
traxex.gannettdigital.com
trc.taboola.com
user.usatoday.com
www.gannett-cdn.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.usatoday.com
atoms.qrehans.com
pagead2.googlesyndication.com
user.usatoday.com
www.usatoday.com
13.224.186.120
141.226.224.32
141.226.228.48
142.250.186.162
142.250.186.66
142.250.186.98
151.101.1.44
151.101.129.44
151.101.130.62
151.101.194.62
151.101.2.62
172.217.18.2
172.64.144.166
178.250.1.8
18.172.112.107
18.238.243.129
18.239.88.34
18.244.18.38
184.28.88.244
184.30.211.26
188.114.97.3
199.232.215.52
2.19.217.101
2001:4860:4802:32::36
2600:1f18:1aca:4280:1ba5:6bde:5c8e:bd09
2600:1f18:730:b150:e4d6:9677:b997:f53c
2600:9000:223f:5600:8:48e:53c0:93a1
2600:9000:275d:ee00:8:8845:1500:93a1
2606:4700:10::6816:48ae
2606:4700:20::ac43:48f0
2606:4700::6813:b134
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2006
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:6ea0:c700::22
2a04:4e42:600::347
3.161.77.50
34.149.193.192
35.155.115.241
35.171.216.113
52.17.99.225
52.5.81.134
004a11ec006ae584aaef498e667db3ae638da9586d7e898865547b0e439ff45f
0153eb65f58eb0b5f33d0ba1734b7ac3de41deb4e55536c39e72e88827175dca
02039d4ac88e77884d8dab4b011fbb756ab82dd85c64ce39a19e2151d92c751c
02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9
039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f
04530fe1e13a15cb5f563d763cab46282cb7fd2201dba7a8257da564fe9eda6b
04c6ef5e48cceec44d94a408d376f8bb62956d8aa5b50cc0b26adf78ad1cbfaa
06103ce43485e865bcb6abc55ff75342dbf58c6e2ec94315ca3057a58e8f6a51
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070af9b9cc3a83f9b6ae9238e6d1fef9f1fb840d73b65f65c2a4328fc4e7c729
071b529cc93e0745d5fe2e03571e0817479878e2d51006281658a6232b3b5dd0
0767e2ab2440f261df5380fa8e42627d602bc78be339b8dbebfc436cc60e139d
0862d3c8b349b9f7e0d49b4a68573691d390395a020002819d0723d7c5fe562e
08deecbce56cfb8222d8b2f89d9ba7fb6abc73c11c250815ed6d7eacfc0a48d5
0c42a7bb6bab2526b60a115423a6c41f003b75705e84b0ae24910d7d0b162c41
0ce32b0f86a3307542f028c502c43dc8ec24b5ccfba4fb1ecb04b10383c41db0
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d91883b892841e5140d97e18ed26a8a0f04c27a644f00104655dc94e5d3c13c
0f01ef19df758793f58a530b555cc3b838cead0d6730d54cc26ccf168f69d936
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325
107b436a586593db2da55491059067936714125a9c8289969db71402fcf58af4
11392ca5b4fca00e3ddb62937fbfa74557dba5c5685b3d4939649a680c06656c
113b988757f4101d160571f19771fd5ea84f373457a7ca7f56b104cc51cd3d0f
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
1304fd03c5abacb5d5bd8fe8a03f6f2a725b05f268b69cdee74bbb84557e5779
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
17bad6b58552497a92e47c6fa5a5bed739e2d8cb46b8097e3dd98d54b8661585
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1af4b04a9fb1a9a81fa7dceb938120b87e0676df404575691943b58479c6d19b
1c3f29b93d961e02766afc79e1fc7e7bf8510ec831d77aabff63e87aea18d8d8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e93d1966552e0ec57b358850e3a1bbd4ee91eaf77ecbc665d634fa78cd99f0c
1edbf56d4c457cd9dd9c91d16f48b96678dbd7ec2ebf39778e1a04a3a72ce302
20860cd85b16709e5f98332ecf82297b784da87651bb872006c151501f972cb9
20ba49665bf99f2cc5e23e68536c23ac981329935e9a98f2efca647e1acd8ca3
23d91550a74f26530c40ff852852d88a85c7fe06ef33d1f33e4508759230c140
24fb2fd7741936d841da2d696277529b18347a2cdcab81d138c07bfd6f36e60e
26eee452779b97bf35c0e8b1238dc91c8ed1a736c427251ebb5574e8de3bb756
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b63b3bee4bb1876f2c43ec5decb408dc8e29c928623b7f60094865c4ad2a4a7
2feaea79bf8d0b941dac8dd4508347b6cf19278096180a308f56eaa040235759
32bbc893217eed1f27f02a5f6800e4b6153bfc8d71abb73af9ffcbb53f0307df
32ef7b2c958df422a41169feb6e0dc8a6a149c94957f148ac1f522683bb1522a
343156d6746b0dbfaaf5338d6676f94f37048a171b9c7e58f3ec15a7111d84f7
3474fb31bfd74dcda22f3aeabb40b581048dcb5ef281c5324fedd4bf4df72c10
3567c89d19f9c77a0152b1de7e89ff3bd88ead1e1004870646f484c432a1605b
36d0f6150f2eaaed37a21fbe52156a4cab87e4fea0b6d69663d27dcf0b3d4424
371dbda9619cf12162b68749c76b9e9b1692dad84bba175d5718072ae674c559
376710062084ea2165061850fd4e1b66fac2191a1c7f003acd1b9f98dfe4068b
380b59b697189c5e5b22599a8b6ea78be45273dbde8236887d7c140aa11a0ba3
3854294ad0231749f307027820af7903f60f7410054c953cac1f527115daaa2a
3a364d6676231e5ebefb13c57f4e9e2f29e3b6897b985d4f87e21cfc2124cdd0
3b7a86a7ce0392af890ca11fe6f7ee5746b975cb98204a39ec8cd43d817c389e
3bfc4ebfae3cd45e9e8783fd9178b7487078df7c8daa5a302b39892851a38925
3c65d8eb3fd2723437c9770fbbe1449e4e21f37990d97ebb0f8b63db9e502c04
3ce9d5a52f0d6b39c94f645cb0f47d76010cca64a134352269ee3795120c3764
3e17a9f835db99b61f695a9562521f2f898fef05a8577830e59fd90c0f3a4a86
3ee14ab9c91eaa98c77adab568df55da8db6fe9aa701e9a869506c3732cea15e
3fc4fd0f7cd64fce23b77dcf0142a96314e691e5b9bd0475910202865d0793ed
40d43c9d3b547d37f3190b4d01f89c8b1d8b3c19bdc7378c0578a8faf3f44176
40ee3b544054d51e1641034e4336492eefe2d2c063a370ed11d4970ae6423eca
4177211ae6a76aaf0d782dbf3eb19d46bd1af28fee17a5ce688caecc062072fc
4295341928984eb4a9fe7ebbcb81c91d9f5a56a029a698795b808fdb4f90a6fc
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
43fc652db51c181fa1ae056ffde2443db9bce4f6ed0e7c1bd84412235dba2204
4447a256561b21db18e4de51442d92ed316873151e712e8539830abf816a0d5f
44c92f78e9c922a19975b0d15fc19ebf609b0d61f9fa6366bc1647c3e45f6981
45c4e467e9fb2f1f211439f30027a07957b415398601cd08bd495e87ff480eb6
45fc508b1a25044da69ef0ee94a3494343002a04ed99d4708c39baa80eb33948
46ea8464d2c3f35b1f5031bf2a9c0e422eaf4e0d45faa9dc5e03f465a6a8c486
47e4dc7f1b1175872ccfd77af5f2b8deb9369da8bf33b126121ae25c5af845e6
4832ef08e9658a2aeb523553ac23a657ed8e554a07690e243424390fe797868a
495129eb53b44e4d99c5540b43d5a1e5b352917411bcdf164ea4a22edc37036d
4993695f92f4e4c324f9540baa0478cb2fec43cbd86992974d33c2c4289066ec
49a71e81d2d2e307cd33ad81624099c2aa905435a5edf8dddd1a99733de218aa
4a499c323f2a3aa74a14ca3e66d28006f34c9ad408df046a5384f2aab16e2991
4b56346abd8ac9a16c8ed3e5723ea0eeed3d8b3a6c0abf035f3f1623994aa75b
4b9180dd86f6afb03bb7570c71c615e5522b6013d5cda37c1896141d4c4fe922
4dc4fff9aab3a93f787c41e65e7f42e3ce5412f919efd59335d4cd68a30b6561
4dd82c30df09e7ef19a2f4c059fe750ea8d363ff0e2ac8c554d4a4bdd84188fe
5053987657138be6bd09b97884bc649b5feda6d0141ec1f21475580838589f8b
508c24848739b8219fd947eecabf6b5a388049479593890c5f5d9d0aae0f2bda
50b151128e92bf38325fab38896be2f5c6c78d557e10e649bb764dad42188e75
511f127a1868984cf9d3d9545da20d1c43222d656515a2ee13737a38ba30c791
528d6442ed3163fb9323c1b6c2bda10dff87c8c4fe1abc3d49d85503b402c6bb
5438244d57a2d3f821c38f0d3331c123567c53325cf995beab127b76966c8f7c
5680984cafd03b7ffac79009300c94b135354bd7741d6ebd8e13f010be38c50a
5763ffcdc92f9c4e46207cef0e23f34a54b41bc1aefd734a5a3aced5c7544ef2
59aba2008cdd8c0a3a24fef082e01c1cacdcc6cadd939396166eab475c1e925d
5b529448eb68dc6a434e58709ade0b8d9458f4a0082ef03dae87ccbd9f7d8ce8
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5e086dd34744ec39dd71fcef7fd4ec29a4847a6d0dc6a362d2c1adff7a3e59c7
5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f
5efaa2ccf201122813b7fce67ad176f86437b34b57425cd55375fda10e52daed
5f12a7e83b53174324fb3ac6b4851779470b088584f3d4349eb66bdf2c2222de
5f65a0f11dfb663a620dde743cab6c8434307b9aedea52c0f4c3f9ba52e5d706
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60e0d3bc202871fc6a3126bace9ea0e533987ae39e613e6f44a8e49e96569696
6177996af84c4e9e810c240e4f7fb1efa82ba95862fa36b3aae360e0568cecca
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ebd809b2988be498b87eadffc18b32f301c477d58128e508b7268e1df4b105
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
692ae4751ee9cf34c8a76a91f1d8df47bf098da4b9b2fb10e9181d9cf4dc81f7
694d1775babd17bdfd1e2a8c84db0c023d91b4d12f8e3e63b0eab3047376338d
6a50e4777d8850ed0e3a9ed4d752c8c2c14f0abd7e4f7b1e2364981fde7b79c0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b2a585166a344d389abbdb93478b3fed0a2345055db2c81af069496fd63b809
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c53441d1a937468383d786be79d2e01bdd99af37634a2d883f6d58c8219a79d
6d17f02f855e44c5671557aeea54a29281875098b13c42805020ff577f8a5972
6ed2128b83ae84e01241e80d136e82ee5cbc6832f0eb98b9fd4b3aa03b4fcf01
6fa5fad4f499ec8b02f1eaf8c570e80dc6f66f1772245b902c5dd91e69773d70
70dac0bff0be690d0fe75181a06e3bc54c470c8491cc9a32e5cf89f5ed9b0179
71e240fc2794b33d8dcb0b5d17ebb19fd9a69c717a1854fa6f4296cd3c9579b7
72594b51b5aee1db06bcda724589ef3d75796bbc9a13abc74e5533b4b06315e5
72bb073808a89194c0d30db9f290a41c55a69567815dd0efcb55dc59dd49ba17
75f26e45a5ecd0855668595b59282d650f87bcf6a3eecc078436df6e9ff0904a
767545fe0573d8f6f0b22c67afbe0738ba8cb86f89cbb986429b0ce1afd1e868
777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
77f9a1daae58a71c8f58a083690750198203b29d049e67389859009979d8a8c1
7a8d0a1512a5ecd047a3a9fbb1bdc116de8f6676d580edd9e57867c6fa9bc1bb
7b7263f245cb65f2fa59b99f41a8abd9879cfa1cde9d12a7326bcc3111962808
7da034b7466483840babbef96244488c66aaff1d3caf75815525324194c817e0
7dd84be45fe88777f6353bc5c87a7d431f24eecd2d34c7e696b0db89221e6907
7f3ed53279a8da1ed394cec205e6bcfefa5b5a97509dba76d139f0991c22fca5
7fa26cb73d6d9fe8a70881f90b76deea23af087bfabe86f43b98f6739f0a6622
8126da8bb4af8f970a2acb8640a3c3d7a38bafc2dcbc41fde93fd55473a5de66
812761fecf21584ca20e6872a0fce8719749192b09f8d99f20d7628c24861447
817d7b5ec00b950c718b53fc859bd062eb6ea1f785a55116e72ce61fcfd772e8
82c74d3934bf6786f9b9eea2bf4021f2bf52ebeb7bf238175740da4f458fdc60
84635bb1a39f7457cda6c6fcea210710172839676a6d9abbd4716ac8ed9f886b
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
86943b08e849ab5a8a7357e576b8fedc6ade44e01a5a1bff8d2e110dddd64c06
86fbce59e4f7ec7e30dcea5f3a591c731b2f25988103299857293e45d4be53a2
8bd72d23fabec245757bc6bb991a51f31052fe0c17936bcc4b2da4b18b8f48b6
8ce6e59de59ccc4e45c4798434e1e3885a91f5e7b9d916b5085ba91ea27c29d9
8cf78114dc98e5c4843b6e78e6f34758a7864dbd8d14f1db0f2e8090072f1c17
8d2baa2ac9700bb0c985b7cbe87b96875b87c9291600f4279e3805aa10a1ecd1
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8e3c3fc567e063db25422215fc10b76ee66183dfbf0efb25fbf2a21f2b4a8573
8f069e85fac1a453df0ae1076b40cfad7b0c70ce9dea635f7c38aad900ddf232
8f75181e1a1c64f818084a3ec430594411c68db51959008f6e25da7236a02a7e
90e901fbbc352c09a20013f5e984159ab7373e9695dcc4d3569a589c99a6c67b
90fea27d2574536c9c0e775e725d3d74846d0ea749019a0ff799106b572b756a
9167eb479d1c9dd7fbf4161b1c18dcab7a7a0ce931dc801768d5f83941ea47a4
922dea847dca89758d2c87751a24d057bff5a13e08e16c1ee2c397c57e2b7ca2
9308791f3878ea22e6ac4a7a725cb1999fc9a68ab99292ed40e7e30a6852fba5
9392494b5520552ff58e5340a953485bdb758a5ee0c8f3181f08799ef91fefa6
9484f035f77fcc2a4d231a271e0ba3f8a40dafbf2c1efc5f41f9a95f54a2a613
94bc6474b905706b2f431231534a5f21557716c3be68238a5c7d6f3f5c1a956d
962017c869448ba8bbb8827cc9262ebd51a03b5ac9957aaba7725f79ebf8d056
9826782136f9db8701f781b6abc472cd8d008ad818a4433c0a61a172083913a7
99090b3cc7ed201c2bbd8dcd1e0e4ebf54f6fe8b64f46b9dc4c6bf5345b3f34a
999df1df8580b45ecba301e86bbfe103af61e13331bb8b765c26f47135cb8668
9abf80d3a46582afb816fc2d86bee64132a685e2dc828c7609403d4e6497e1bd
9abff9995a7362f7796c37d841691e11d27d833726af171353c6d270ea7302ec
9b9aaf9bfded485eb830ac86f6d06057dd489fb568e6d399af9c97dc7eace13c
9c556f9d3641830200b35038bf7df0f8485602111032cc186fc35d912dd63eee
9c746eebbd1f5dc683fe46da064c013b83da7821ec65cd410f094bec6ec1c2ac
9c8d3ff1abda25f3c29f8f39f2e3a7ee78888be513dbc59f9d937e4b620cec5e
9db75cf3965907df50e6208dd5ff4f447c8bd15d27c7ae6ae59919f5ef1b9251
9dd31c57dac02a3c721011229fdc35929fe0357084df22665ec9d26bba15657b
9e8391b622ec62d449bc2aed30c562965ce8e2054a3374d6f149d0a156de9eaa
a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a
a17ed2829e19ecd0a8c2cbb9a3bb66cc12e110ad475b53256f02f65f152019b6
a27b51f0f695fb3a45828855e1c3699fbbbd6f2423c6be13380649dc2d46b052
a29a29f34ab64d13ec7d58ccaa268bb7fa78352a9882152d77c4e564af4802ab
a3b7067f00f9a2ac16d847bc12270871523004cf1ac09aa959d0df310070000a
a3d6ad566eff7329a1f1b293b25c4bde551fc98d4e374d5745bf33cf89f83b0d
a464066e4d7f19defe2fdec4add2db9276892a8a9679f2a08893c7db36bf4226
a4922f420187a455fddadbc388406730eaa05aa0af6ff518664a480cd63a049c
a51a6b9505b330a7ba17f38a926ef0382f5d2ca1c957ad4e2975f06aa2352f70
a5bcfacf11a89f363734256b946a65eedb58358f2c41ccd698ce47c2206aba42
a5c1fe0cf0dc326bf798af85d26479ef0107349ffb18dc26f200eaaa5249ecc8
a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978
a73c999d28afd2be114b8c3c0de7c8fc46d07f92213320673f542421aafc149d
a84988fac295b57795e8ca8688cac10195c471c7972e0cc78b50fbf881c09ca8
a894750a0d7f13755770ebda4cd08d29327207a2a3ff714525cbf6627009590b
a920c91de5db43e6f6634e5f757541141a31117fd881c848647671fbda83602b
a960c7b4dd3b532e4c31e866e1236bed2ab577a91ed4d2bd255feb0d18631572
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
ad40069c50336f51ed1022399d18699ea8760b52fc24ec9b85209f0d3c9bd8ec
afdc79461c1c0d89f26dec49f951fd5a0c2c09e52802155c85ed03105482d93d
b016f0834f6fe219f0a3483029b57170b8b4ff9841b0224d5325b7f8cee1e6f1
b048e87cf82ab73e27b97c3cc5a1568c90089086960978b2a397b0d1408f884e
b130968080fe103320d11b55daf5ae90350ae43b50068b48d868b527f01ba021
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b00ea70ff88002089f5bd888e13f4718e7802d8a650ae2c3a5b38dee0a9f69
b2ef79fd7b05000bfb5c0175224fbd3a5428baccc438a8eddef4a52745751b3d
b3a9ee0f5208f23756bd32b359464f961eb4a600ecd50c96a08626458789eb9d
b5a60a7fff5518b6f07c00d792f50771c5a87d0a876aa533fabfe8890b6cab95
b92490f0e08edd6e7b5e9704b1208cb9124eeac94841dda895b0dff4854ac956
ba0dedf013a3fc91964b0077e9c9e8eaf12d1f5f0d112a72fa4d0d30af2def0a
ba7ee0f420d8ea6e8751036a7a6693404676c9e63d66e6eaa2dd352f46d9883f
bb8316121ab1fb502d56b1f8ce3fc3c7047447626255820a01cbedd807363b6b
bbbfe8fb0d69e7b4f1b5d9df7c81c575682e31076bb6a1ae0c3bbdf3251195bd
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bcf610c3f2222699d45638201a33934e6a07f37ea5effeb32add9ea6974b3e5f
bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a
bf716415316dfa68c5165f5c7a4675b81e4952421cba07b7c1cd578f0d09971f
c19cec2f3dea3367716a38b3abbbb6365239c7b9223ac60943534a7c91b7cb75
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd
c2d4a0ba4bd90583967154316491cad9ab4b5768e37efa6042049a2b226067ab
c3568c5c92de21fb413e3ff90c16a2e8b61dfb67477b519e04881199607316f2
c405c62ad6f8efd7f31255ec0866937b3632a33cda84167ba8fddb4125d77a9e
c469acae439549a62ec68178c3d4e8962d3270f9aa9f293e57d59cf863d15c86
c594a209fcffcfcfa1e70062f7e7ead35bbd20b78e18f1c0d6e8e2ef2de8256e
c5cd4c551b992a7ddb0f6e020a5fc918a416bf587b954d7ec9bbaf537dd587d2
c745a6114bddb356770c22a8dce7861cff4a1502a81ff222fac8c21efb6b2f85
c77f75f30b8fe3e4a803cb54aed45d1f12f364a03b221240cd77a0abbff6a2ca
c78bc090b97cab3c5ec5d6700f4eeed3d08abeb910b3f057384d9c9e555a9f5f
c7dc8b0d0933d7837b3df7d28197f4d2f502b06638ea3bbb1bd7e1ec94cafa9d
c886b882ceb4e5bbdba54ec96c459c371a659df92f49074172c9bc57f43b3f76
cbc518db79208c036d06d29203d4e29dbcb8086dca232f4e2c0a00d13f6118fb
cc6f944ee53b7874d4811c2365cb731b1c48a71fc99a28b9dd592c96a4a05bdb
cd958ce4bef457ecd2d75a4980a792c72a39b2ad04edfab9db41e49ff4350244
ceb3a4d76bb48c8327d82eeba9946114a5dd980d44aa339001493375199c898a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01e5e19fc6662b5598386d8a6368e5ba3ff7d9ddc57e43aad766faf24ac7068
d0837e1d9531e45205299c505173d4e16ac60a1903b0bd951e2b807a72b031ed
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f7c1ea8c0452b0c347c2f5949f8e9ab0936a255ce7615f22979280d60e50a0
d110981142c4eed17687001dbc7ec6be3346f43d45f205afa0274ec791308ee5
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d323fec68985c079963ffe8b65f8abf4428940b03a97295e0e4eaa1299f95315
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d5411a7ffd764c2db252c2f5d464c5adefef40b9338ee46f2b3a3e43ac61db48
d5cfeb60d30441933afb2549dec0cce68fd3a24e26401d54013358a0fa1a158a
d62bb6bc3b26e9fd848bb277f71be2a35001d7c07f41cc2012655cefd1119f39
d7427f226caa0100b63c9e234e09acb809896a493126bc9847fc5331f80c7dcb
dbf62b3d96ab46c2c2c67edec16aca51b6534f8996b6bd8b64182bace59058a7
de312c4f4483ba2587917528e7218274b0363fc71a4212467cf41ea5c8a8c286
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de90e56c63d2b963ccc54a00aba3ce82287605c37544a2a43b5a5f2fea65570c
df2891b4f41145bb4e71719541ae314e9c165613fd3c370108e36a93e71b2970
df4d980f258ec33f11d956d8997dd6dffd074509e43884e99f01ab829868d1a3
e07224f1f0b0cd61cba9e38292bb340d553bbaa9a35060f1a194166b53982390
e09640705202c275bf9e6e88c9ad5e83a989bd3868721d643f1932bd4875750a
e136ab2c75ae90f9338087e38c15ad5b2d67e883b5e0647f11b71a10a43713c1
e17ef9c7a2b314b65694fcd9975dcc8172f7ead620f5b17441f8f393d69911c4
e18a7dc11519275300b8ad7ed22326c69d0143ace71b01b990ff3a62ab214121
e1f61e9ba17a692d70e92eae847d1ed6133faa72178e5204a30e2c5a298fd1b6
e37e0394ab43e6c9290de01c8b0ebdad8aab18230215211e6d84129de22f3bac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ae17cf17d15572dffa5f0e3c6d81f7f2c391aaaf502859073f0e14d7c0a9d6
e631f1c56b5510adac402270a3a80f7167fa6638124ed750ce16c744a5c1dadf
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
eb62b2b321adf59e57b4fe1ac5e1fdcaf7ab8efed640a528c0bb0ab15ab09289
ec39b01c46403315b367713b3d38cc5d6ca4375401e0d39e7b38c435fc8327ff
ed0db7069f82e411f3927a349141d8ef3b878250fe9d6d0ec9d4c96b5a406362
ed50bca7a585b81c0b9573ce8f238b0c5dc249779cfe93390a1bddf8a64f1e7b
ed5e2209eaeee4c47803e365b281dccb2500fa9f62948dc748674a026f885e12
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
efc3a7ac965ff7be8e6d03a67307eecd8b48a564a98dfd853fe03a8e1d702f78
f03395cf944cf755a4be137fb7d0f1d5da26c52ac33fab166b2a3f17b0bf80a5
f07dc3bb776dedc5385377c3b7cd96499a67a41aed91ff11d3a03571daf94a06
f0e432fe6c86105fd5d8d07877aab0ca1cac7559abe56ea3ef28e3d3b328f6ea
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f24e10919a1f2cc958f78a95f5980b701a7348bf067c2f063823a4efb4184b90
f3e3353bd01e767ff59da7875dc275115913898a536f5542349fcce15b66a48b
f483a1933a571853edb373ea40fbd8b18d8cd0de0d9f76e9467141da414fcc92
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
f63ef78fcc7646c3c5ccf1596cdaa893120f8f417924707d1b7816be1fabff91
f6bf19b5ed465a9615ef995927db1b5c52bf952476110c52ed39dec63b96dd86
f8cad28ce143fab883fb3bf04b6ed87e7de84102b2b44c86a60804f82bac8580
f8d376e82a994285cc5382ac74d502fa36b999572b352c1a5438026e18a50f79
f927c2faf7ebe9fe3e39e541b98c715c285069883b498f2ebe045cc08550f2cf
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd2cd8ef74975ca9c35d691765ff028c6f91410a5d426d36c9aa439cfa893be8
fd64ae157392a9241b2102acdf063d837b1c44ec39ae259dc32c2c215df57f9c
ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354

cytuk.qrehans.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

288 Requests

95 %HTTPS

40 %IPv6

28 Domains

57 Subdomains

48 IPs

7 Countries

7432 kBTransfer

14946 kBSize

34 Cookies

51 Outgoing links

Redirected requests

288 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 65 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cytuk.qrehans.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

288
Requests

95 %
HTTPS

40 %
IPv6

28
Domains

57
Subdomains

48
IPs

7
Countries

7432 kB
Transfer

14946 kB
Size

34
Cookies

288 HTTP transactions
65 data transactions