newnationnews.org Open in urlscan Pro
2606:4700:3033::681f:4a0a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Submission: On April 13 via manual (April 13th 2020, 3:44:32 pm UTC) from US

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 45 HTTP transactions. The main IP is 2606:4700:3033::681f:4a0a, located in United States and belongs to CLOUDFLARENET, US. The main domain is newnationnews.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 6th 2020. Valid for: 8 months.

This is the only time newnationnews.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:303... 2606:4700:3033::681f:4a0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	198.27.80.143 198.27.80.143	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3036::6818:7dee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
45	14

14 2606:4700:3033::681f:4a0a (United States)

ASN13335 (CLOUDFLARENET, US)

newnationnews.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

chart.apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.27.80.143 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net

sstatic1.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6818:7dee (United States)

ASN13335 (CLOUDFLARENET, US)

trackings.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	newnationnews.org newnationnews.org	89 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	131 KB
5	doubleclick.net googleads.g.doubleclick.net
4	google.com chart.apis.google.com adservice.google.com	7 KB
3	gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	16 KB
2	facebook.net connect.facebook.net	115 KB
2	twitter.com platform.twitter.com	29 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	33 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	trackings.top trackings.top
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	171 B
1	histats.com sstatic1.histats.com	300 B
45	13

	Domain	Requested by
14	newnationnews.org	newnationnews.org
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	newnationnews.org pagead2.googlesyndication.com
3	chart.apis.google.com	newnationnews.org
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	connect.facebook.net	newnationnews.org connect.facebook.net
2	platform.twitter.com	newnationnews.org platform.twitter.com
2	maxcdn.bootstrapcdn.com	newnationnews.org
2	fonts.googleapis.com	newnationnews.org
1	trackings.top	newnationnews.org
1	www.googletagservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	sstatic1.histats.com	newnationnews.org
1	encrypted-tbn3.gstatic.com	newnationnews.org
1	encrypted-tbn1.gstatic.com	newnationnews.org
45	17

This site contains links to these domains. Also see Links.

Domain
www.google.iq

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-06` - `2020-10-09`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
histats.com Let's Encrypt Authority X3	`2020-03-25` - `2020-06-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Frame ID: 6D14AD8673934840AA74000383F500CE
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200406/r20190131/zrt_lookup.html
Frame ID: A1D9D4EC0477CC53CCAD9A7F5DAB4417
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133209650219680&output=html&adk=1812271804&adf=3025194257&lmt=1586792652&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586792652405&bpp=15&bdt=53&fdt=83&idt=83&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5432421086725&frm=20&pv=2&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=47806&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=104
Frame ID: 6104052BCA0C9CB10E23A5A8628FFA3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133209650219680&output=html&h=280&slotname=4577189050&adk=2885498329&adf=1859508161&w=767&fwrn=4&fwrnh=100&lmt=1586792652&rafmt=3&psa=0&guci=1.2.0.0.2.2.0.0&format=767x280&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&adsid=NT&dt=1586792652537&bpp=17&bdt=185&fdt=17&idt=17&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5432421086725&frm=20&pv=1&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=715514&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=229&ady=1876&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5avQTrqubl&p=https%3A//newnationnews.org&dtd=25
Frame ID: 59C7692362A2D0300C9A6A576353A8A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133209650219680&output=html&h=280&slotname=4577189050&adk=2885498329&adf=2680982070&w=767&fwrn=4&fwrnh=100&lmt=1586792652&rafmt=3&psa=0&guci=1.2.0.0.2.2.0.0&format=767x280&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&adsid=NT&dt=1586792652465&bpp=16&bdt=113&fdt=110&idt=110&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C767x280&nras=1&correlator=5432421086725&frm=20&pv=1&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=715514&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=229&ady=147&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PASTy6EAu7&p=https%3A//newnationnews.org&dtd=115
Frame ID: 53C711F4100A641F6A80DEE0994BF40F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133209650219680&output=html&h=600&slotname=4577189050&adk=1483046637&adf=351969766&w=300&fwrn=4&fwrnh=100&lmt=1586792652&rafmt=4&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1586792652589&bpp=4&bdt=238&fdt=4&idt=4&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C767x280%2C767x280&nras=1&correlator=5432421086725&frm=20&pv=1&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=2862058&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1032&ady=1309&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bgOmjlHR9m&p=https%3A//newnationnews.org&dtd=7
Frame ID: F658648C340C8825D625CA1CB4BBCF9F
Requests: 1 HTTP requests in this frame

Frame: https://trackings.top/?utm_source=newnationnews.org&utm_medium=organic-search&utm_term=&utm_campaign=dgme-employee-access-w2-4600264
Frame ID: 1125FE77219D73C3002DF5A361A2F308
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Fnewnationnews.org
Frame ID: 6E710EFB0473329703A9B737A145B96F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 1D2B8059AEF83A13EF551962DD356D2E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

45
Requests

100 %
HTTPS

93 %
IPv6

13
Domains

17
Subdomains

14
IPs

5
Countries

449 kB
Transfer

1370 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.iq/url?q=https://us.socialdc.org/packet/dollar-general-employment-center-new-hire-packet-6240420
Title: w2

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request dgme-employee-access-w2-4600264 Show response
newnationnews.org/w2/ 30 KB
7 KB 473ms
427ms Document
text/html 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.35
Resource Hash: 8d83f3a8d198edba0071c9a3661ef73ffe4c580c6c08b145ecec836197187cdf

Request headers

:method: GET
:authority: newnationnews.org
:scheme: https
:path: /w2/dgme-employee-access-w2-4600264
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 13 Apr 2020 15:44:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df0183221294ba2546caec3a2e46993031586792651; expires=Wed, 13-May-20 15:44:11 GMT; path=/; domain=.newnationnews.org; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-powered-by: PHP/5.6.35
link: <https://newnationnews.org/wp-json/>; rel="https://api.w.org/" <https://newnationnews.org/?p=11>; rel=shortlink
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58364e9a7fa664e5-FRA
content-encoding: br

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 108 KB
39 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce37e7f8c6a4c89cfdcf052dddb45e423295c90d0db72c430630ae8ce9b7c424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39625
x-xss-protection: 0
server: cafe
etag: 6030511940536498671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Apr 2020 15:44:12 GMT

GET
H2 200 dashicons.min.css
newnationnews.org/wp-includes/css/ 45 KB
28 KB 20ms
16ms Stylesheet
text/css 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-includes/css/dashicons.min.css?ver=4.9.10
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"b1a1206-b518-572cb13994565"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397264e5-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
546 B 19ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%3A400%2C700&ver=3.1.15

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84ef1175854e5116158d8db078706e87896136f97aed314d8ad2a2e6f1f36e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Apr 2020 15:44:12 GMT
server: ESF
date: Mon, 13 Apr 2020 15:44:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Apr 2020 15:44:12 GMT

GET
H2 200 pagenavi-css.css
newnationnews.org/wp-content/themes/bootstrap/ 237 B
251 B 18ms
13ms Stylesheet
text/css 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-content/themes/bootstrap/pagenavi-css.css?ver=3.1.15
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd517806b5264970918842cfadee40447b8a9d515ad19f7a3389ced872e8202f

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2019 05:48:12 GMT
server: cloudflare
age: 5865
etag: W/"c260862-ed-58457ef197f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397464e5-FRA

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
20 KB 40ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css?ver=4.9.10

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:10 GMT
status: 200
etag: "1544639650"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 20563

GET
H2 200 style.css
newnationnews.org/wp-content/themes/bootstrap/ 40 KB
8 KB 23ms
19ms Stylesheet
text/css 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-content/themes/bootstrap/style.css?ver=3.1.15
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd26bcff40e65cd60c0eaf3473377f893ac66516958e23919d3734a818160a62

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Aug 2019 01:21:53 GMT
server: cloudflare
age: 5865
etag: W/"c260856-9ed6-590fafb20ae40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397564e5-FRA

GET
H2 200 jquery.js Show response
newnationnews.org/wp-includes/js/jquery/ 95 KB
32 KB 28ms
24ms Script
text/javascript 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"b1a13d2-17ba0-572cb1399a325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397664e5-FRA

GET
H2 200 jquery-migrate.min.js Show response
newnationnews.org/wp-includes/js/jquery/ 10 KB
4 KB 21ms
16ms Script
text/javascript 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"b1a13cc-2748-572cb1399a325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397764e5-FRA

GET
H2 200 chart
chart.apis.google.com/ 2 KB
2 KB 13ms
10ms Image
image/png 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=https%3A%2F%2Fnewnationnews.org%2Faccess%2Fdg-me-employee-access-2288042&chld=H|0

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

e4fdd0bcb54252c413625e05d4d0b06b7f6a34e70114f89a2bd465e7e9e4f1a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:41:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 145
status: 200
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2080
x-xss-protection: 1; mode=block
expires: Tue, 14 Apr 2020 15:41:47 GMT

GET
H2 200 chart
chart.apis.google.com/ 2 KB
2 KB 10ms
7ms Image
image/png 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=https%3A%2F%2Fnewnationnews.org%2Femployees%2F2-and-form-1099-guide-for-employees-6464846&chld=H|0

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

264ab0cec54da9650341480257751ef2efa9316fb471ce4a480d8799a1168de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:41:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 145
status: 200
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2289
x-xss-protection: 1; mode=block
expires: Tue, 14 Apr 2020 15:41:47 GMT

GET
H2 200 chart
chart.apis.google.com/ 2 KB
2 KB 10ms
6ms Image
image/png 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=https%3A%2F%2Fnewnationnews.org%2Ftermination%2Fpaystub-access-after-termination-6668446&chld=H|0

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

7600dd96c92294f58eb2454da0b2fa6a24003523da52f588a7acdbb9fde3288f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:41:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 145
status: 200
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2254
x-xss-protection: 1; mode=block
expires: Tue, 14 Apr 2020 15:41:47 GMT

GET
H2 200 images
encrypted-tbn1.gstatic.com/ 1 KB
2 KB 17ms
14ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/images?q=tbn:ANd9GcRQGwKxmBzC6dfKE-BF58WVgfVEhntkF7pamhY0ULfM1wUvj_fDfcRQ

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdb1b4bcb3eaf18eb546e5bdbea76072fd6a1c774d805de91c99ad59881c54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 17 Mar 2018 12:23:19 GMT
server: sffe
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1403
x-xss-protection: 0
expires: Tue, 13 Apr 2021 15:44:12 GMT

GET
H2 200 images
encrypted-tbn3.gstatic.com/ 3 KB
3 KB 41ms
11ms Image
image/png 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/images?q=tbn:ANd9GcSaru0xZCSImb_2UBb5H4T0gYnuaAmUwKMbAnNMjy_5qa_ZPBIsEXL18azu

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9d911cdda33acc60561a17ea188cd657bdc2ae4f3210b2e2c7fe77811cab332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 22 Jun 2019 04:24:57 GMT
server: sffe
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 3061
x-xss-protection: 0
expires: Tue, 13 Apr 2021 15:44:12 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 8ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40D4) /
Resource Hash: deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 13 Apr 2020 15:44:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:48:50 GMT
Server: ECS (fcn/40D4)
Age: 861
Etag: "bfee88d079c2668aea5525e2d719ba90+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29121

GET
H/1.1 200
OK 0.gif
sstatic1.histats.com/ 43 B
300 B 637ms
219ms Image
image/gif 198.27.80.143
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sstatic1.histats.com/0.gif?4128955&101
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.27.80.143 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns558056.ip-198-27-80.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 13 Apr 2020 15:44:12 GMT
Connection: close
Content-Length: 43
Content-Type: image/gif

GET
H2 200 jquery.matchHeight.min.js Show response
newnationnews.org/wp-content/themes/bootstrap/js/ 5 KB
1 KB 22ms
18ms Script
text/javascript 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-content/themes/bootstrap/js/jquery.matchHeight.min.js?ver=3.1.15
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eef99e75c032088c9f4fc2ae1741f6e6b21405d0d4562aa82fce3be22516853

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"c260873-1345-572cb139c0485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397864e5-FRA

GET
H2 200 global.js Show response
newnationnews.org/wp-content/themes/bootstrap/js/ 183 B
208 B 21ms
17ms Script
text/javascript 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-content/themes/bootstrap/js/global.js?ver=3.1.15
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c991baf42b8aef13175ef60fc32c9b929a54f2529f400d941d6a744da3d6d64

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"c260874-b7-572cb139c0485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397964e5-FRA

GET
H2 200 responsive-menus.min.js Show response
newnationnews.org/wp-content/themes/bootstrap/js/ 4 KB
1 KB 23ms
19ms Script
text/javascript 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-content/themes/bootstrap/js/responsive-menus.min.js?ver=3.1.15
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce0e81b6a3315a2bc4da2c35329f773884b8c7a8896070c590af3462951e0a2a

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"c260872-e5c-572cb139c0485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397a64e5-FRA

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
13 KB 39ms
9ms Script
text/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js?ver=3.1.15

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:52 GMT
status: 200
etag: "1544639632"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 13105

GET
H2 200 hoverIntent.min.js Show response
newnationnews.org/wp-includes/js/ 1 KB
514 B 23ms
20ms Script
text/javascript 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0df99d896f6b409b47703361145068963f76a08b8d49d4053a9f6d11628f9ef

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"b1a1401-45b-572cb1399a325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397b64e5-FRA

GET
H2 200 superfish.min.js Show response
newnationnews.org/wp-content/themes/genesis/lib/js/menu/ 5 KB
2 KB 20ms
17ms Script
text/javascript 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.5
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68f2b0a3381830c544349d5df116c2b96ba1d8efa46cf0c15e3a130d91bf6ab4

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"b1c04c7-13ae-572cb139c3365"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397c64e5-FRA

GET
H2 200 superfish.args.min.js Show response
newnationnews.org/wp-content/themes/genesis/lib/js/menu/ 132 B
182 B 21ms
17ms Script
text/javascript 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=2.6.1
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"b1c04c4-84-572cb139c3365"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397d64e5-FRA

GET
H2 200 skip-links.min.js Show response
newnationnews.org/wp-content/themes/genesis/lib/js/ 344 B
255 B 31ms
27ms Script
text/javascript 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=2.6.1
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0556982c2b3cf8fc78bc3d5d3c1e98b7861a0a8150ef7ecf2f3c7a733e4e0cf8

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"b1c04cb-158-572cb139c3365"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d397e64e5-FRA

GET
H2 200 wp-emoji-release.min.js Show response
newnationnews.org/wp-includes/js/ 12 KB
4 KB 73ms
66ms Script
text/javascript 2606:4700:3033::681f:4a0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newnationnews.org/wp-includes/js/wp-emoji-release.min.js?ver=4.9.10
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:4a0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Aug 2018 21:36:56 GMT
server: cloudflare
age: 5865
etag: W/"b1a1405-2efa-572cb1399b2c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=14400
cf-ray: 58364e9d699964e5-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 18ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newnationnews.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 19ms
18ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newnationnews.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/ 215 KB
81 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ce8e9e137ee6f76fc6b9d1be5e70fdc9b354a976607081d0987c4ff05243369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82826
x-xss-protection: 0
server: cafe
etag: 8787963883823995547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Apr 2020 15:44:12 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200406/r20190131/ Frame A1D9 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200406/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sat, 11 Apr 2020 11:48:13 GMT
expires: Sat, 25 Apr 2020 11:48:13 GMT
content-type: text/html; charset=UTF-8
etag: 1284906565632978074
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4913
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 186959
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 css
fonts.googleapis.com/ 2 KB
632 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Apr 2020 15:44:12 GMT
server: ESF
date: Mon, 13 Apr 2020 15:44:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Apr 2020 15:44:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto&display=swap
Origin: https://newnationnews.org

Response headers

date: Wed, 01 Apr 2020 18:22:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1027309
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11016
x-xss-protection: 0
expires: Thu, 01 Apr 2021 18:22:23 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6104 0
0 64ms
64ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133209650219680&output=html&adk=1812271804&adf=3025194257&lmt=1586792652&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586792652405&bpp=15&bdt=53&fdt=83&idt=83&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5432421086725&frm=20&pv=2&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=47806&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2133209650219680&output=html&adk=1812271804&adf=3025194257&lmt=1586792652&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586792652405&bpp=15&bdt=53&fdt=83&idt=83&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5432421086725&frm=20&pv=2&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=47806&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Apr 2020 15:44:12 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 13-Apr-2020 15:59:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Mon, 13 Apr 2020 15:44:12 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4f6c8facc737d905ab43689582f4ae0f98425a4d28dd3f98a211639a59640ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586517606126590"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28434
x-xss-protection: 0
expires: Mon, 13 Apr 2020 15:44:12 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 59C7 0
0 168ms
167ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133209650219680&output=html&h=280&slotname=4577189050&adk=2885498329&adf=1859508161&w=767&fwrn=4&fwrnh=100&lmt=1586792652&rafmt=3&psa=0&guci=1.2.0.0.2.2.0.0&format=767x280&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&adsid=NT&dt=1586792652537&bpp=17&bdt=185&fdt=17&idt=17&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5432421086725&frm=20&pv=1&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=715514&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=229&ady=1876&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5avQTrqubl&p=https%3A//newnationnews.org&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2133209650219680&output=html&h=280&slotname=4577189050&adk=2885498329&adf=1859508161&w=767&fwrn=4&fwrnh=100&lmt=1586792652&rafmt=3&psa=0&guci=1.2.0.0.2.2.0.0&format=767x280&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&adsid=NT&dt=1586792652537&bpp=17&bdt=185&fdt=17&idt=17&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5432421086725&frm=20&pv=1&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=715514&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=229&ady=1876&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5avQTrqubl&p=https%3A//newnationnews.org&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Apr 2020 15:44:12 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 13-Apr-2020 15:59:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Mon, 13 Apr 2020 15:44:12 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 53C7 0
0 167ms
166ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133209650219680&output=html&h=280&slotname=4577189050&adk=2885498329&adf=2680982070&w=767&fwrn=4&fwrnh=100&lmt=1586792652&rafmt=3&psa=0&guci=1.2.0.0.2.2.0.0&format=767x280&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&adsid=NT&dt=1586792652465&bpp=16&bdt=113&fdt=110&idt=110&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C767x280&nras=1&correlator=5432421086725&frm=20&pv=1&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=715514&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=229&ady=147&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PASTy6EAu7&p=https%3A//newnationnews.org&dtd=115

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2133209650219680&output=html&h=280&slotname=4577189050&adk=2885498329&adf=2680982070&w=767&fwrn=4&fwrnh=100&lmt=1586792652&rafmt=3&psa=0&guci=1.2.0.0.2.2.0.0&format=767x280&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&adsid=NT&dt=1586792652465&bpp=16&bdt=113&fdt=110&idt=110&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C767x280&nras=1&correlator=5432421086725&frm=20&pv=1&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=715514&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=229&ady=147&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PASTy6EAu7&p=https%3A//newnationnews.org&dtd=115
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Apr 2020 15:44:12 GMT
server: cafe
content-length: 200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 13-Apr-2020 15:59:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Mon, 13 Apr 2020 15:44:12 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F658 0
0 186ms
186ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2133209650219680&output=html&h=600&slotname=4577189050&adk=1483046637&adf=351969766&w=300&fwrn=4&fwrnh=100&lmt=1586792652&rafmt=4&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1586792652589&bpp=4&bdt=238&fdt=4&idt=4&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C767x280%2C767x280&nras=1&correlator=5432421086725&frm=20&pv=1&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=2862058&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1032&ady=1309&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bgOmjlHR9m&p=https%3A//newnationnews.org&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2133209650219680&output=html&h=600&slotname=4577189050&adk=1483046637&adf=351969766&w=300&fwrn=4&fwrnh=100&lmt=1586792652&rafmt=4&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1586792652589&bpp=4&bdt=238&fdt=4&idt=4&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C767x280%2C767x280&nras=1&correlator=5432421086725&frm=20&pv=1&ga_vid=1198498578.1586792653&ga_sid=1586792653&ga_hid=2123517574&ga_fc=0&iag=0&icsg=2862058&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1032&ady=1309&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475%2C42530312%2C26835106&oid=3&pvsid=2602480642889953&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=bgOmjlHR9m&p=https%3A//newnationnews.org&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Apr 2020 15:44:12 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: IDE=AHWqTUmmamQLMIHcrsJ-9y36jUCQfmr8p-1gX_BXIOtfkV4fDMtDRj2Y3UfIpANw; expires=Sat, 08-May-2021 15:44:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Mon, 13 Apr 2020 15:44:12 GMT
cache-control: private

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7102569cc81ff68cd037a495919a379ccae9bae08a64c5498f493d50e60e72b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: T4jt09wF01ZEHU0b7kFIgA==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1778
etag: "0f324fb619a9f6358710147c016233ab"
x-fb-debug: BAnya4NjAfQvggOoGrek6kR09hPWFjPhT5hOQTgJLbNOsx9IVPO3umDOUqnKzLD8ezRTeUniPpGrEsQki8kPZQ==
x-fb-trip-id: 420120009
x-fb-content-md5: 419035dd6cbed5c47983059cdb860a13
x-frame-options: DENY
date: Mon, 13 Apr 2020 15:44:12 GMT, Mon, 13 Apr 2020 15:44:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Apr 2020 15:50:24 GMT

GET
H2 200 /
trackings.top/ Frame 1125 0
0 610ms
237ms Document
text/html 2606:4700:3036::6818:7dee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackings.top/?utm_source=newnationnews.org&utm_medium=organic-search&utm_term=&utm_campaign=dgme-employee-access-w2-4600264
Requested by: Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:7dee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.31
Resource Hash

Request headers

:method: GET
:authority: trackings.top
:scheme: https
:path: /?utm_source=newnationnews.org&utm_medium=organic-search&utm_term=&utm_campaign=dgme-employee-access-w2-4600264
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Response headers

status: 200
date: Mon, 13 Apr 2020 15:44:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d237d0ff2c3e11b71cd38e35f8718b8991586792652; expires=Wed, 13-May-20 15:44:12 GMT; path=/; domain=.trackings.top; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-powered-by: PHP/5.6.31
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58364ea11ad0979c-FRA
content-encoding: br

GET
H/1.1 200
OK widget_iframe.6787510241df65d128e2b60207ad4c25.html
platform.twitter.com/widgets/ Frame 6E71 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Fnewnationnews.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 196200
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 13 Apr 2020 15:44:12 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 07 Apr 2020 20:47:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DE)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 390 KB
114 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b4ef8b950a400a86fa9befe07d10673e&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb88dd3d8ed26d74f5395263ad92369ffbda97341f563a909a82d6c59a4a2318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
Origin: https://newnationnews.org

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: k7O/mrqq8iRr8vAs11ssEQ==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 116044
etag: "07f0cf193c801665717607651b8c273b"
x-fb-debug: 44z0n8ToWZcQf1E4ZGI5TyG4Zs8LYCsrcFI0BlI9IU6UKywc8p634WBIheNUUN+AGrh/l3xX2C0EM5mk0E/QXA==
x-fb-trip-id: 420120009
x-fb-content-md5: 9606b5c2930047cf16da373650173e8b
x-frame-options: DENY
date: Mon, 13 Apr 2020 15:44:12 GMT, Mon, 13 Apr 2020 15:44:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:30:24 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=2680982070&client=ca-pub-2133209650219680&eid=42530312%2C21065475&et=2&io=0&saldr=aa&oa=0.00&qid=CNy5j6Pf5egCFVGxewodnj4CQg&rafmt=3&roa=0&slot=4577189050&sp=0%2C0&tgt=ins%2Faswift_1_expand.0&tr=228.5%2C147%2C995.5%2C427&url=https%3A%2F%2Fnewnationnews.org%2Fw2%2Fdgme-employee-access-w2-4600264&vp=1585x1200

Requested by

Host: newnationnews.org
URL: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Apr 2020 15:44:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 23ms
23ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200406&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7858a93a6106cdeb9f8d0aac4cee5b8add375aa6bab837c07ebf06ce31413638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Apr 2020 15:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5188
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 15:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 13 Apr 2020 15:44:13 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 1D2B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Mon, 13 Apr 2020 14:44:21 GMT
expires: Tue, 13 Apr 2021 14:44:21 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3592
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200406&jk=2602480642889953&bg=!zs2lzdVYGv1xq3SfPxMCAAAAOVIAAAAKmQFdoVpH9lG20GfD2Ex0ppGN4KoSfIGkI7XPsp_g81NEJgqprzM_acwbE0mUMMMw_69Ralnvds6OXyu-Io3d7S_SmcYB7ldZdVEqbh-aoVrT1p99smbeyCeOlMz5_kLERIHyPlTdLddRFQhxrW88hy2PlpUe9aofqSkgTJR8CTgAjlti906ljogZyEtCJrAXmI1t9qfKHT_35-skeGmE9lPjzA7u1JKnsxRbEFzRsKGQVrE7YIjoo0qTMMR9rjozORi7O0ZPJX8L32UQLO5DUodAYZby2S5l5iG4Z6LYDGiqGrF0tMFiA3lbdS_NCulmRZzBkHC-2jcl0r0iWz427UmqyZZU0TrexUpioqrqD1GPH6bIXvLBAAgLqs8bN5vfGo_B3xMKs3IURdwCkR34dO8RsImn2u-udgE-SijUbBgfytL1I-wEElCv5CvGkXGVTMRDaKgFn0tLsLkQM15hJg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newnationnews.org/w2/dgme-employee-access-w2-4600264
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Apr 2020 15:44:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 18:08:08	Name: IDE Value: AHWqTUmmamQLMIHcrsJ-9y36jUCQfmr8p-1gX_BXIOtfkV4fDMtDRj2Y3UfIpANw
			.newnationnews.org/	1970-01-19 09:29:44	Name: __cfduid Value: df0183221294ba2546caec3a2e46993031586792651

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://newnationnews.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
chart.apis.google.com
connect.facebook.net
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
newnationnews.org
pagead2.googlesyndication.com
platform.twitter.com
sstatic1.histats.com
tpc.googlesyndication.com
trackings.top
www.googletagservices.com
198.27.80.143
2001:4de0:ac19::1:b:2a
2606:2800:234:59:254c:406:2366:268c
2606:4700:3033::681f:4a0a
2606:4700:3036::6818:7dee
2a00:1450:4001:800::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:820::2003
2a00:1450:4001:821::2001
2a00:1450:4001:821::2002
2a00:1450:4001:821::200e
2a03:2880:f01c:8012:face:b00c:0:3
00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0556982c2b3cf8fc78bc3d5d3c1e98b7861a0a8150ef7ecf2f3c7a733e4e0cf8
1eef99e75c032088c9f4fc2ae1741f6e6b21405d0d4562aa82fce3be22516853
20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5
264ab0cec54da9650341480257751ef2efa9316fb471ce4a480d8799a1168de9
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
3c991baf42b8aef13175ef60fc32c9b929a54f2529f400d941d6a744da3d6d64
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
68f2b0a3381830c544349d5df116c2b96ba1d8efa46cf0c15e3a130d91bf6ab4
6ce8e9e137ee6f76fc6b9d1be5e70fdc9b354a976607081d0987c4ff05243369
7102569cc81ff68cd037a495919a379ccae9bae08a64c5498f493d50e60e72b1
7600dd96c92294f58eb2454da0b2fa6a24003523da52f588a7acdbb9fde3288f
7858a93a6106cdeb9f8d0aac4cee5b8add375aa6bab837c07ebf06ce31413638
84ef1175854e5116158d8db078706e87896136f97aed314d8ad2a2e6f1f36e58
8d83f3a8d198edba0071c9a3661ef73ffe4c580c6c08b145ecec836197187cdf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
acdb1b4bcb3eaf18eb546e5bdbea76072fd6a1c774d805de91c99ad59881c54e
bb88dd3d8ed26d74f5395263ad92369ffbda97341f563a909a82d6c59a4a2318
bd26bcff40e65cd60c0eaf3473377f893ac66516958e23919d3734a818160a62
bd517806b5264970918842cfadee40447b8a9d515ad19f7a3389ced872e8202f
c0df99d896f6b409b47703361145068963f76a08b8d49d4053a9f6d11628f9ef
ce0e81b6a3315a2bc4da2c35329f773884b8c7a8896070c590af3462951e0a2a
ce37e7f8c6a4c89cfdcf052dddb45e423295c90d0db72c430630ae8ce9b7c424
d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f6c8facc737d905ab43689582f4ae0f98425a4d28dd3f98a211639a59640ef
e4fdd0bcb54252c413625e05d4d0b06b7f6a34e70114f89a2bd465e7e9e4f1a1
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f9d911cdda33acc60561a17ea188cd657bdc2ae4f3210b2e2c7fe77811cab332
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

newnationnews.org Open in urlscan Pro 2606:4700:3033::681f:4a0a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

93 %IPv6

13 Domains

17 Subdomains

14 IPs

5 Countries

449 kBTransfer

1370 kBSize

2 Cookies

1 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newnationnews.org Open in urlscan Pro
2606:4700:3033::681f:4a0a Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

93 %
IPv6

13
Domains

17
Subdomains

14
IPs

5
Countries

449 kB
Transfer

1370 kB
Size

2
Cookies

45 HTTP transactions
0 data transactions