newerafin.site Open in urlscan Pro
179.43.160.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubedib.page.link/XGHQcZjb8HicGHZY9?1671199759fscjyavtgCrowd4226https://hubedib.page.link/XGHQcZjb8HicGHZY9?167119...
Effective URL:
https://newerafin.site/LMD1Nns6
Submission: On August 03 via manual (August 3rd 2021, 7:25:44 pm UTC) from IN

Summary HTTP 279 Redirects Links 233 Behaviour Indicators

Summary

This website contacted 61 IPs in 11 countries across 50 domains to perform 279 HTTP transactions. The main IP is 179.43.160.52, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is newerafin.site.
TLS certificate: Issued by R3 on July 22nd 2021. Valid for: 3 months.

This is the only time newerafin.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
112	179.43.160.52 179.43.160.52	51852 (PLI-AS) (PLI-AS)
1	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	199.232.192.249 199.232.192.249	54113 (FASTLY) (FASTLY)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	13.224.90.44 13.224.90.44	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	13.32.123.85 13.32.123.85	16509 (AMAZON-02) (AMAZON-02)
2	151.101.13.95 151.101.13.95	54113 (FASTLY) (FASTLY)
4 22	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	143.204.98.9 143.204.98.9	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 6	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 7	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2 15	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 3	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
22	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
3	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.96.124 13.224.96.124	16509 (AMAZON-02) (AMAZON-02)
1	54.36.109.48 54.36.109.48	16276 (OVH) (OVH)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	52.49.238.187 52.49.238.187	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	3.124.143.99 3.124.143.99	16509 (AMAZON-02) (AMAZON-02)
1 2	54.194.226.253 54.194.226.253	16509 (AMAZON-02) (AMAZON-02)
1	52.45.215.106 52.45.215.106	14618 (AMAZON-AES) (AMAZON-AES)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
279	61

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

hubedib.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

112 179.43.160.52 (Zurich, Switzerland)

ASN51852 (PLI-AS, PA)

newerafin.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.249 (United States)

ASN54113 (FASTLY, US)

dealnews.a.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.dealnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.123.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-123-85.hel50.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.95 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

c.dlnws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.184.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-9.fra50.r.cloudfront.net

tracker.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

pubgalaxy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a319c56c9330b8a3477a6f71d9448438.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.200 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7b9 (United States)

ASN13335 (CLOUDFLARENET, US)

app.viralsweep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-124.zrh50.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.48 (France)

ASN16276 (OVH, FR)
PTR: p03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.238.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.143.99 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-143-99.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.226.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.215.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-215-106.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
112	newerafin.site newerafin.site	3 MB
27	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	125 KB
24	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com	572 KB
15	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com a319c56c9330b8a3477a6f71d9448438.safeframe.googlesyndication.com	83 KB
13	casalemedia.com 2 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	15 KB
9	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	8 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	185 KB
8	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	22 KB
7	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	16 KB
7	openx.net 1 redirects pubgalaxy-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
6	google.com www.google.com adservice.google.com google.com Failed	1 KB
6	googletagservices.com www.googletagservices.com	201 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	38 KB
4	bing.com bat.bing.com	9 KB
3	indexww.com js-sec.indexww.com	2 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	adsrvr.org match.adsrvr.org	1 KB
3	google.de www.google.de adservice.google.de	337 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	adform.net 2 redirects c1.adform.net	924 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	marinsm.com tracker.marinsm.com	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	96 KB
2	dlnws.com c.dlnws.com	3 KB
1	adentifi.com rtb.adentifi.com	88 B
1	turn.com 1 redirects ad.turn.com	425 B
1	bidr.io match.prod.bidr.io	430 B
1	yahoo.com pr-bh.ybp.yahoo.com	835 B
1	quantserve.com 1 redirects pixel.quantserve.com	498 B
1	id5-sync.com id5-sync.com	532 B
1	sail-horizon.com ak.sail-horizon.com	43 KB
1	viralsweep.com app.viralsweep.com
1	simpli.fi 1 redirects um.simpli.fi	627 B
1	rfihub.com 1 redirects p.rfihub.com	773 B
1	dotomi.com 1 redirects casale-match.dotomi.com	186 B
1	2mdn.net s0.2mdn.net	131 KB
1	sonobi.com apex.go.sonobi.com	616 B
1	googleadservices.com www.googleadservices.com	14 KB
1	pushnami.com api.pushnami.com	19 KB
1	dealnews.com www.dealnews.com
1	google.ru www.google.ru	569 B
1	criteo.net static.criteo.net	27 KB
1	fastly.net dealnews.a.ssl.fastly.net	2 KB
1	facebook.net connect.facebook.net	68 KB
1	page.link 1 redirects hubedib.page.link	888 B
0	rlcdn.com Failed api.rlcdn.com Failed
0	ns-cdn.com Failed ps.ns-cdn.com Failed
0	Failed function sub() { [native code] }. Failed
279	50

	Domain	Requested by
112	newerafin.site	newerafin.site
21	pbs.twimg.com	newerafin.site
17	securepubads.g.doubleclick.net	www.googletagservices.com newerafin.site
10	pagead2.googlesyndication.com	newerafin.site tpc.googlesyndication.com www.googletagservices.com
7	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
6	ib.adnxs.com	2 redirects newerafin.site acdn.adnxs.com
6	platform.twitter.com	newerafin.site
6	www.googletagservices.com	newerafin.site
5	cm.g.doubleclick.net	4 redirects eu-u.openx.net
4	eu-u.openx.net	1 redirects newerafin.site eu-u.openx.net
4	tpc.googlesyndication.com	newerafin.site tpc.googlesyndication.com
4	ssum-sec.casalemedia.com	1 redirects newerafin.site ssum-sec.casalemedia.com js-sec.indexww.com
4	fastlane.rubiconproject.com	newerafin.site
4	gum.criteo.com	2 redirects newerafin.site
4	bat.bing.com	newerafin.site bat.bing.com
4	www.google.com	newerafin.site tpc.googlesyndication.com
4	c.amazon-adsystem.com	newerafin.site c.amazon-adsystem.com
3	js-sec.indexww.com	ssum-sec.casalemedia.com newerafin.site
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	ssum-sec.casalemedia.com newerafin.site eu-u.openx.net
3	syndication.twitter.com	1 redirects newerafin.site platform.twitter.com
3	mug.criteo.com	newerafin.site gum.criteo.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	c1.adform.net	2 redirects
2	us-u.openx.net	eu-u.openx.net
2	sync.mathtag.com	2 redirects
2	eus.rubiconproject.com	newerafin.site eus.rubiconproject.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	abs.twimg.com	newerafin.site
2	www.google.de	newerafin.site
2	googleads4.g.doubleclick.net	newerafin.site
2	googleads.g.doubleclick.net	www.googleadservices.com newerafin.site
2	bidder.criteo.com	newerafin.site
2	tracker.marinsm.com	newerafin.site
2	www.google-analytics.com	newerafin.site
2	www.googletagmanager.com	newerafin.site
2	c.dlnws.com	newerafin.site
1	google.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	acdn.adnxs.com	newerafin.site
1	id5-sync.com	newerafin.site
1	ak.sail-horizon.com	newerafin.site
1	app.viralsweep.com	newerafin.site
1	um.simpli.fi	1 redirects
1	p.rfihub.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	cdn.syndication.twimg.com	newerafin.site
1	a319c56c9330b8a3477a6f71d9448438.safeframe.googlesyndication.com	newerafin.site
1	adservice.google.com	newerafin.site
1	adservice.google.de	newerafin.site
1	s0.2mdn.net	newerafin.site
1	stats.g.doubleclick.net	newerafin.site
1	pubgalaxy-d.openx.net	newerafin.site
1	apex.go.sonobi.com	newerafin.site
1	htlb.casalemedia.com	newerafin.site
1	www.googleadservices.com	newerafin.site
1	api.pushnami.com	newerafin.site
1	www.dealnews.com	newerafin.site
1	www.google.ru	newerafin.site
1	static.criteo.net	newerafin.site
1	dealnews.a.ssl.fastly.net	newerafin.site
1	connect.facebook.net	newerafin.site
1	hubedib.page.link	1 redirects
0	api.rlcdn.com Failed	newerafin.site
0	ps.ns-cdn.com Failed	newerafin.site
0	scrapbook Failed	newerafin.site
279	74

This site contains links to these domains. Also see Links.

Domain
www.dealnews.com
corp.dealnews.com
apps.apple.com
play.google.com
www.youtube.com
dealnews.com
www.facebook.com
www.linkedin.com
www.twitter.com

Subject Issuer	Validity	Valid
newerafin.site R3	`2021-07-22` - `2021-10-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
default.ssl.fastly.net GlobalSign RSA OV SSL CA 2018	`2019-11-12` - `2022-01-08`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com.ru GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.dealnews.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.pushnami.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
c.dlnws.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.marinsm.com DigiCert SHA2 Secure Server CA	`2020-02-24` - `2022-05-25`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
viralsweep.com Cloudflare Inc ECC CA-3	`2020-09-04` - `2021-09-04`	a year	crt.sh
ak.sail-horizon.com Amazon	`2021-01-07` - `2022-02-04`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://newerafin.site/LMD1Nns6
Frame ID: 4DE80219D22C70DF1ADCFE3EC1794E48
Requests: 125 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_9.html
Frame ID: F32AE9BC9C7113B59BB54E4A7F517C64
Requests: 18 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_1.html
Frame ID: F07FE2A2A2B9A087EF0F17B86E3A6D9F
Requests: 5 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_16.html
Frame ID: 41170C5B1EF8D969FCE8F61D407DF3D7
Requests: 17 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_2.html
Frame ID: 696D35FE0D43FDD5349AF8E46DA33D00
Requests: 5 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_3.html
Frame ID: 8AAEDF1FD47DAD95A10F7EB8D29F371C
Requests: 5 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_6.html
Frame ID: AAA19C22A1E6899F0F12CB704E3CAFA4
Requests: 2 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_10.html
Frame ID: 576109CA8A5C77310118340D3BD51FCC
Requests: 1 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_5.html
Frame ID: 5A20F34D9DB48C6A8D933F4384E10E42
Requests: 1 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_4.html
Frame ID: 7BEFBEE5793D44F70BA17E3F25D0E059
Requests: 1 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_18.html
Frame ID: F7746AB1886E390770D1CE155BE560C7
Requests: 2 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_12.html
Frame ID: 24CCEF1E93AC36BED45B263CC90AF232
Requests: 1 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_13.html
Frame ID: 4EC047447A8A2A578FDFCE161074E0F5
Requests: 3 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_11.html
Frame ID: 5DBFF4B6F3BEEA950A46B202C7A02A27
Requests: 1 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_8.html
Frame ID: DA657FCC366E0552880231DE7E698F41
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fnewerafin.site
Frame ID: 56E1D7B92F198CC0894E4D9337204959
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=newerafin.site
Frame ID: 8ED6B0A3F0A0D248BA3AE9BF2D212145
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F1949B2EFB5F930F6CE7F633FBA820E6
Requests: 10 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_17.html
Frame ID: 04314D83D126766DBD25007CF20346A6
Requests: 2 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_15.html
Frame ID: 08E39CBF28020E01B5DE1BEC610E0F58
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 28ECE9EFDD9C2AF133FDB931C10147D8
Requests: 3 HTTP requests in this frame

Frame: https://a319c56c9330b8a3477a6f71d9448438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C898DD21F3F2726B5E5DD0D9FBB8E98
Requests: 1 HTTP requests in this frame

Frame: https://newerafin.site/lander/white5_1627283170/index_14.html
Frame ID: B0399AFC34DC264F64E1A47CDA65539B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQrIQbM6V6A2fGXkYSaSrDuyaRNggmLS0ScxPqlc-GWS3t9UvAncp3NmQqWeoPsuYOW3DxSUDq1Q2RyVcj_-h7hptZ-M-za1X4h_1m_YRZ1mPlLion6qRhuYE9breDfLzkVIA35r9YNNj98OW4ASGlEU_s0CYY1z_rxmwheJGr0368Lce4BuVm5tQ546TQgdIBdZYgczKbfuJWDT4x-0PpPQS1IvzQ3QOnoZim0vaaGJ7dzV9bddHaWBvfIOceSBXOlRERribX4M7Xmg8yKWsPVZrTm7v9-RhUL9XpBNzC1SrfDO6Pe5slqQlImE1VWv7qxCm7O3HuVO0&sig=Cg0ArKJSzMCgnSwwG3f6EAE&urlfix=1&adurl=
Frame ID: 7F34768BBD8E716A32004CD922F7D7AE
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIDvqSL3F3pk5KnLEFa9mIBFfRNgPai6TvDrtvi-Rxi3UG1hvkapa9y634Doki5e30iD7XzmD9GRRYUoWgS4XFcdz-bCRXHx9diX0PLVAmbHNDNVM3TUI1ypEDArpbJowuLbfvOwNQ-4Fy-WEQ3VC9m8Gm-FvIogCeH2IzHxguJgo9KN_rXo0p6-R5P3C_ms9-a5IuJt3ju7KPL3XuPOxG6RU1mFHAlJ-7trCK_9O_k8r5_q5hEUarkSk5mUesyz63OEsvQ-aHw6Ix44-UerMF04yt4XzsXD8KAIy4aK5KH-aCO7refqPyId-WbH9bPbkMOge9bD62sdU&sig=Cg0ArKJSzHn3LGwYq887EAE&urlfix=1&adurl=
Frame ID: CEC8E583C089431F0335E55FEEA3D614
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoTFSFmnVblFBbpX1MXqr5eOQEbJOEvwWnwpR_0diHmgMyaT4e0cZDLwWwwpQx5PRZ2j1Sa5gH0_8J1TFuDL55lkmSux9UU3hK0nLI4ufxchmGnzcqOC1r-vP-hcfzoHclrOh-foUxYz7YNtR722LetVk3mTYXPlJigKWsPMK66nBZlFROwI1d2YC5GDIuRZHtF2Ct8O4--sBwICGO726kb-ZTL_LOLRXqK2KNp7hditlmH778qbyFbwLo3n_zy8oC4zXjTja_z6Yg9jJHIHxsDXa9kw9u79wQEpf-CcAYH0F4L-PtqYSne7kZGf_AKk5cIO4iZQvmTXI&sig=Cg0ArKJSzPVKrH-CwyWLEAE&urlfix=1&adurl=
Frame ID: 22884700FAFE43FD380ABD29DC8FC5AD
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEbbNh0yUzUnuoGbxTOOp4fOULTTBZdiqZm2AipEvrKGZov-bJklc94Bu7PhFBwkXeaJG_qxtOQNwbKma9H1fC1_ExrrHv3FwqJYGGSnkdU9d8eUmucc3CPeEHcXFJ3q7TJqEoXpQbSvxFsiHj7s9vwAgkGL8dGwPVk3Y_ScbjePws8Y7ofnpy5f4Jvy7E8V-xfcRcd2YKtxJSXrxgGMMZAlTE-hwYJKLkufQPQsSggq8FTqG8MVsQLK-JfVdx0ZsO0Owq4rJbt7BbPnMnaKjBkYAE53ErBmu8bsXFn5fcIU5C91094wuaXRZ2qKDTmIucL-ER_gvzaos&sig=Cg0ArKJSzL2rNceQbgTREAE&urlfix=1&adurl=
Frame ID: 6517429016E1724476CB4AD99B97752A
Requests: 4 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f440.png
Frame ID: 338DC651A4A192C0FE33EB1F64E0EB03
Requests: 29 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: B2C47BC7E6D44B2417B31754687E7651
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F74529BEAB8060799CD747EED0AC451D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BA6B854FB8DAF4B2A797A39B5CEA1FA
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F0514B39C06128BF01F35C3546BCD82D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
Frame ID: 6CEA08042F34B8BB2275D5D32A1106D2
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 66FF53E01C393FD30C852DA8FD10CE23
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3C7A1C239A21B1CB7B283FEB1B3A17F8
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2A6E865ABDFB77775FEEBB16826E58B2
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hubedib.page.link/XGHQcZjb8HicGHZY9?1671199759fscjyavtgCrowd4226https://hubedib.page.link/XGHQ... HTTP 302
https://newerafin.site/LMD1Nns6 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

279
Requests

98 %
HTTPS

48 %
IPv6

50
Domains

74
Subdomains

61
IPs

11
Countries

4572 kB
Transfer

11384 kB
Size

5
Cookies

233 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dealnews.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/mydealnews/signin/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/categories/
Title: Categories

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c202/Clothing-Accessories/
Title: Clothing

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c275/Clothing-Accessories/Accessories/f1/Mens/
Title: Accessories

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c487/Clothing-Accessories/Activewear/f1/Mens/
Title: Activewear

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c280/Clothing-Accessories/Shoes/f1/Mens/f1107/Sandals/
Title: Sandals

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c716/Clothing-Accessories/Shirts/f1/Mens/
Title: Shirts

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c280/Clothing-Accessories/Shoes/f1/Mens/
Title: Shoes

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c717/Clothing-Accessories/Shorts/f1/Mens/
Title: Shorts

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c454/Clothing-Accessories/Accessories/Sunglasses/f1/Mens/
Title: Sunglasses

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c721/Clothing-Accessories/T-Shirts/f1/Mens/
Title: T-Shirts

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c436/Clothing-Accessories/Accessories/Watches/f1/Mens/
Title: Watches

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c202/Clothing-Accessories/f1/Mens/
Title: All Men's Clothing

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c202/Clothing-Accessories/f4/Boys/
Title: Boy's Clothing

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c202/Clothing-Accessories/f5/Girls/
Title: Girl's Clothing

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c205/Clothing-Accessories/Kids-Clothes/
Title: Kid's Clothing

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c275/Clothing-Accessories/Accessories/f2/Womens/
Title: Accessories

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c487/Clothing-Accessories/Activewear/f2/Womens/
Title: Activewear

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c490/Clothing-Accessories/Dresses/f2/Womens/
Title: Dresses

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c481/Clothing-Accessories/Accessories/Handbags/
Title: Handbags

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c488/Clothing-Accessories/Intimates/f2/Womens/
Title: Intimates

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c280/Clothing-Accessories/Shoes/f2/Womens/f1107/Sandals/
Title: Sandals

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c716/Clothing-Accessories/Shirts/f2/Womens/
Title: Shirts

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c280/Clothing-Accessories/Shoes/f2/Womens/
Title: Shoes

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c717/Clothing-Accessories/Shorts/f2/Womens/
Title: Shorts

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c454/Clothing-Accessories/Accessories/Sunglasses/f2/Womens/
Title: Sunglasses

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c436/Clothing-Accessories/Accessories/Watches/f2/Womens/
Title: Watches

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c202/Clothing-Accessories/f2/Womens/
Title: All Women's Clothing

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c287/Clothing-Accessories/Luggage-Travel-Gear/
Title: Luggage

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s288/Macys/
Title: Macy's

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s279/J-Crew/
Title: J.Crew

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s320/JCPenney/
Title: JCPenney

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s682/Finish-Line/
Title: Finish Line

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s5796/Crocs/
Title: Crocs

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c202/Clothing-Accessories/t2/Coupons/
Title: All Clothing Coupons

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c39/Computers/
Title: Computers

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c49/Computers/Laptops/
Title: Laptops

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c277/Computers/Computer-Accessories/Laptop-Accessories/Laptop-Bags/
Title: Laptop Bags

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c48/Computers/Desktops/
Title: Desktops

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c41/Computers/Apple-Computers/
Title: Apple Computers

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c49/Computers/Laptops/f31/Gaming/
Title: Gaming Laptops

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c568/Computers/iPad-Tablet/iPads/
Title: iPads

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c577/Computers/iPad-Tablet/iPad-Apps/
Title: iPad Apps

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c572/Computers/iPad-Tablet/iPad-Accessories/
Title: iPad Accessories

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c594/Computers/iPad-Tablet/Tablets/
Title: Tablets

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c623/Computers/iPad-Tablet/Tablet-Accessories/
Title: Tablet Accessories

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c732/Computers/Networking/Wireless-Networking/Routers/
Title: Routers

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c75/Computers/Peripherals/Monitors/
Title: Monitors

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c70/Computers/Peripherals/Input-Devices/
Title: Input Devices

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c93/Computers/Upgrades-Components/
Title: Upgrades / Components

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c56/Computers/Storage/Hard-Drives/
Title: Hard Drives

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c837/Electronics/Portable-Speakers/
Title: Portable Speakers

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c108/Computers/Storage/Flash-Memory-Cards/
Title: Flash Memory Cards

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c297/Computers/Storage/USB-Flash-Drives/
Title: USB Flash Drives

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c124/Computers/Software/
Title: Software

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s321/Walmart/
Title: Walmart

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s415/Apple/
Title: Apple

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s504/Newegg/
Title: Newegg

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s1662/Lenovo/
Title: Lenovo

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s274/Staples/
Title: Staples

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c39/Computers/t2/Coupons/
Title: All Computer Coupons

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c142/Electronics/
Title: Electronics

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c159/Electronics/TVs/?r=107%2C110%2C113
Title: 49" or smaller

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c159/Electronics/TVs/?r=116
Title: 50" - 59"

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c159/Electronics/TVs/?r=119%2C122
Title: 60" or larger

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c159/Electronics/TVs/f1667/Smart-TV/
Title: Smart TVs

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c159/Electronics/TVs/f1409/4-K/
Title: 4k

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c159/Electronics/TVs/
Title: All TVs

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c148/Electronics/Audio-Components/Home-Theater-Systems/
Title: Home Theater Systems

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c147/Electronics/Audio-Components/Speakers/
Title: Speakers

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c452/Electronics/Streaming-Media-Players/
Title: Streaming Media Players

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c191/Gaming-Toys/Video-Games/
Title: Video Games

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c189/Gaming-Toys/Computer-Games/PC-Games/
Title: PC Games

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c191/Gaming-Toys/Video-Games/f1158/Play-Station-4/
Title: PlayStation 4

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c191/Gaming-Toys/Video-Games/f1546/Xbox-One/
Title: XBox One

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c191/Gaming-Toys/Video-Games/f1652/Nintendo-Switch/
Title: Nintendo Switch

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c491/Electronics/Phones-Cell-Phones/Apple-iPhones/
Title: Apple iPhones

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c671/Electronics/Phones-Cell-Phones/Apple-iPhones/iPhone-Accessories/iPhone-Cases/
Title: iPhone Cases

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c672/Electronics/Phones-Cell-Phones/Android-Phones/
Title: Android Phones

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c673/Electronics/Phones-Cell-Phones/Android-Phones/Android-Phone-Accessories/
Title: Android Phone Accessories

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c155/Electronics/Audio-Components/Headphones/
Title: Headphones

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c168/Electronics/Cameras/Digital-Cameras/
Title: Digital Cameras

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c429/Electronics/Cameras/Camera-Accessories/
Title: Camera Accessories

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c306/Electronics/Batteries/
Title: Batteries

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s7966/Build-com/
Title: Build.com

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s6058/Samsung/
Title: Samsung

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s3071/Guitar-Center/
Title: Guitar Center

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s560/Best-Buy/
Title: Best Buy

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s361/shop-Disney/
Title: shopDisney

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c142/Electronics/t2/Coupons/
Title: All Electronics Coupons

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c196/Home-Garden/
Title: Home & Garden

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c607/Home-Garden/Appliances/Household-Items/Air-Conditioners/
Title: Air Conditioners

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c648/Home-Garden/Tools-Hardware/Flashlights-Lighting/
Title: Flashlights & Lighting

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c810/Home-Garden/Light-Bulbs/
Title: Light Bulbs

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c645/Home-Garden/Tools-Hardware/Hand-Tools/
Title: Hand Tools

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c646/Home-Garden/Tools-Hardware/Power-Tools/
Title: Power Tools

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c647/Home-Garden/Tools-Hardware/Tool-Storage-Organization/
Title: Tool Storage & Organization

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c492/Home-Garden/Home-Security/
Title: Home Security

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c747/Home-Garden/Garden/Garden-Tools/
Title: Garden Tools

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c529/Home-Garden/Garden/BBQs-Grills/
Title: BBQs & Grills

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c199/Home-Garden/Home-Furniture/
Title: Home Furniture

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c200/Home-Garden/Decor/
Title: Decor

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c744/Home-Garden/Garden/Patio-Furniture/
Title: Patio Furniture

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c201/Home-Garden/Kitchen/
Title: Kitchen

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c642/Home-Garden/Kitchen/Small-Appliances/
Title: Small Kitchen Appliances

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c304/Home-Garden/Appliances/
Title: Large Appliances

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c360/Home-Garden/Bed-Bath/
Title: Bed & Bath

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c661/Home-Garden/Babies-Kids-Items/Diapers-Wipes/
Title: Diapers & Wipes

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c1009/Home-Garden/Appliances/Household-Items/Vacuum-Cleaners/Robot-Vacuums/
Title: Robot Vacuums

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c214/Home-Garden/Food-Drink/Groceries/
Title: Groceries

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c213/Home-Garden/Food-Drink/
Title: Food & Drink

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c377/Home-Garden/Food-Drink/Restaurants/
Title: Restaurants

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s958/Home-Depot/
Title: Home Depot

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s4005/Lumens/
Title: Lumens

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s289/Walgreens/
Title: Walgreens

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s1372/LEGO/
Title: LEGO

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s532/Vitacost/
Title: Vitacost

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c196/Home-Garden/t2/Coupons/
Title: All Home Coupons

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c207/Travel-Entertainment/Airfare/
Title: Airfare

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c238/Automotive/
Title: Automotive

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c522/Financial-Services/Credit-Cards/
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c702/Financial-Services/
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/freebies/
Title: Freebies

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c186/Gaming-Toys/
Title: Gaming & Toys

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c859/Gift-Cards/
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c756/Health-Beauty/
Title: Health & Beauty

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c178/Movies-Music-Books/
Title: Movies, Music, Books

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c182/Office-School-Supplies/
Title: Office & School Supplies

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/f9/Refurbished/
Title: Refurbished

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/f1912/Smart-Home/
Title: Smart Home

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c636/Special-Occasion/
Title: Special Occasion

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c211/Sports-Fitness/
Title: Sports & Fitness

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c40/Store-Events/
Title: Store Events

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c798/Health-Beauty/Health/Supplements/
Title: Supplements

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/c206/Travel-Entertainment/
Title: Travel & Entertainment

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/online-stores/
Title: Stores

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s313/Amazon/
Title: Amazon

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s638/Dell-Home/
Title: Dell

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s50/eBay/
Title: eBay

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s1009/Kohls/
Title: Kohl's

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s1642/Chase/
Title: Chase

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s38875/Wayfair/
Title: Wayfair

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s4574/The-North-Face/
Title: The North Face

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s41921/Proozy/
Title: Proozy

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s41081/Nordstrom-Rack/
Title: Nordstrom Rack

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s503/Game-Stop/
Title: GameStop

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s604/Dell-Technologies/
Title: Dell

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s1491/Levis/
Title: Levi's

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s474/Petco/
Title: Petco

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s1692/Woot-An-Amazon-Company/
Title: Woot

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s46658/Costway/
Title: Costway

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s857/Sams-Club/
Title: Sam's Club

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s39990/Uniqlo/
Title: Uniqlo

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s47552/32-Degrees/
Title: 32 Degrees

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s39727/Keen-Footwear/
Title: Keen Footwear

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s3710/Daily-Steals/
Title: Daily Steals

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/s1715/Lands-End/
Title: Lands' End

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/archives/c698/
Title: Buying Guides

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/archives/c700/
Title: Consumer News

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/archives/c697/
Title: Roundups

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/discounts/months/July/
Title: What to buy in July

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/target/school-supplies-target/
Title: 11 Best Back to School Supplies at Target

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/discounts/military-discounts/
Title: Military Discounts

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/how-to-save-back-to-school-sales/
Title: What to Expect from Back to School

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/Items-Worth-Buying-on-the-Northern-Tool-Website/2213330.html
Title: Northern Tool Buying Guide

Search URL Search Domain Scan URL

URL: http://corp.dealnews.com/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/pages/press-room.html
Title: Press Room

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/contact/advertise/
Title: Advertise on DealNews

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/jobs
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/pages/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/ux_variant.html?payload=eyJ2YXJpYW50X25hbWUiOiJjbGFzc2ljX3NpdGUiLCJyZWRpcmVjdF91cmwiOiJcLyIsImV4cGlyZSI6IjE2OCIsInZhcmlhbnRfbmFtZV9obWFjIjoiYTkxN2Y0YjFlYjBjYTgyMzZkNDQ2NzUwZGRhNThiNDZlMTQ0ODg0Y2M1NDM4ZjBlYzc5MzUzYTA5ZmJkMjJkNCJ9
Title: Back to Classic

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/disclaimer.html

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/mydealnews/account_recovery.html
Title: Reset Password.

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/?pf=1
Title: See my personalized deals

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/privacy.html
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/authors/Julie-Ramhold/115.html
Title: JULIE RAMHOLD

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/share.html?s=twitter&t=How%20to%20Buy%20on%20eBay&u=http%3A%2F%2Fdn.ws%2F1bfcv

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/share.html?s=facebook&t=How%20to%20Buy%20on%20eBay&u=https%3A%2F%2Fwww.dealnews.com%2Ffeatures%2FeBay%2Fhow-to-buy%2F

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/share.html?s=pinterest&t=How%20to%20Buy%20on%20eBay&u=https%3A%2F%2Fwww.dealnews.com%2Ffeatures%2FeBay%2Fhow-to-buy%2F
Title:

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/email.html?2212735

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238032
Title: eBay

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238035
Title: as a guest

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238038
Title: creating an account

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/What-You-Need-to-Know-When-Buying-Refurbished-Electronics/637464.html
Title: Everything You Need to Know to Buy Refurbished Electronics

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238044
Title: automatic bidding

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238047
Title: serves as a binding contract

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238050
Title: retract a bid

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238053
Title: making a Best Offer

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238056
Title: pay for items on eBay

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/Whens-The-Best-Time-to-Buy-the-Most-Popular-Smartphones/1918133.html
Title: When Is the Best Time to Buy a New Phone?

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238062
Title: Amazon

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238065
Title: Walmart

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238068
Title: Target

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/target/
Title: The Ultimate Guide to Shopping at Target

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238074
Title: won't ask you for confidential information

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/ebay-buy-sell-save-money/id282614216
Title: iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.ebay.mobile&hl=en
Title: Android apps

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238083
Title: eBay app

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/The-Best-Customer-Rewards-Programs/2183066.html
Title: The 45 Best Customer Rewards Programs in 2021

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238089
Title: notifications

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238092
Title: Watchlist

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/artclick.html?2,2212735,14238095
Title: useful tips

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/Where-to-Buy-LEGOs/2210887.html
Title: Where to Buy LEGOs

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/mydealnews/register/
Title: Register

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/The-Best-Smart-Home-Deals/2213507.html

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/best-patio-furniture-deals/

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/The-Best-Buy-Now-Pay-Later-Sites-to-Check-Out/2213474.html
Title: best buy now, pay later sites

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/best-buy/online-shopping/
Title: Best Buy online shopping

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/Affordable-Gaming-Laptops/2213492.html

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/click.html?20,2,19375130
Title: Buy Now at Amazon

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/products/Apple/Apple-Air-Pods-Pro/193336.html

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/click.html?20,2,19382252
Title: Shop Now at REI

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/REI-Outlet-Deals-Up-to-90-off-free-shipping-w-50/19382252.html

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/click.html?20,2,19420841
Title: Buy Now at Macy's

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/Tommy-Hilfiger-Womens-Striped-Zip-Sleeveless-Dress-for-17-free-shipping-w-25/19420841.html

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/click.html?20,2,19420469
Title: Shop Now at Newegg

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/Newegg-Rock-Your-Tech-Style-Sale-shop-now-free-shipping/19420469.html

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/lw/click.html?20,2,19420304
Title: Shop Now at Jos. A. Bank

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/Jos-A-Bank-Summer-Clearance-Blowout-Up-to-85-off-free-shipping/19420304.html

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/dealnews
Title: DealNews is on YouTube Subscribe to keep up on the latest videos.

Search URL Search Domain Scan URL

URL: https://dealnews.com/pages/sweepstakes
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/dealnews
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/125457
Title:

Search URL Search Domain Scan URL

URL: http://www.twitter.com/DealNews
Title:

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/pages/rss.html
Title:

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/brands/
Title: Popular Brands

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/complaints.html
Title: Store Complaints

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/features/marketplace/
Title: Marketplace Expertise

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/sweepstakes-winners.html
Title: Sweepstakes Winners

Search URL Search Domain Scan URL

URL: https://www.dealnews.com/newsletter/select_landing_category_select.html
Title: Check Them Out

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubedib.page.link/XGHQcZjb8HicGHZY9?1671199759fscjyavtgCrowd4226https://hubedib.page.link/XGHQcZjb8HicGHZY9?1671199759fscjyavtgCrowd4226 HTTP 302
https://newerafin.site/LMD1Nns6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnewerafin.site%2F&domain=newerafin.site&cw=1&pbt=1 HTTP 302
https://mug.criteo.com/sid?cpp=8jAA53w5MXZEZ2tEZEUvanlaRWpzU3ZCZTFvdGpQNzdMUldqK1NuZFc0ZjRvZ3Z2aWNxbVVSbEROL29YUXovb2p1V3NVb0FqalJQQUJKYldnTUdUZFpBNk1NanFydlZJc3M2NXZrRGg1Z2dmbFFrZFNhQWFlbFBNcXhlN0lETTNlWFN4WWZjaDBqMzNveTNhRGhYWkxJdWpoNGFIc0Z5WGNoc2dEa1B1cGNrZnlLNHErbUw2bTU5L1M1K0xSYjlsY2ZjZHhXT2NZeG1Bc3Z3UmFvTFdYWmhKZkw3YkJUR3RBMSttTW92WnFpRHRWTHAvL2hORXZoWFNtRWE0VDFZYmhGeElpUmlzcXZkUVZOMHhqY0hiVHpVTmhGZz09fA&cppv=2

Request Chain 139

https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 145

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 147

https://gum.criteo.com/sid/json?origin=publishertag&domain=newerafin.site&sn=ChromeSyncframe&so=0&topUrl=newerafin.site&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=3qV4Tnx1SVBXOFlubHdSTmNkQVdUbEJEQTlBMUp2MHpEVTJLbTVkUG40REE0YVFJdmNpTXZzVU1HeHpldEpoN2w0MWVCa1JhNHlDWnp5MWE3cGRpbVVuK245QlRIWFp6M2hEUXcreEtrYVhsVEpsaXZ0MGw4MElnb2dGL1VxSnV4Z3ZLMUt1ZDRRbmNIeStYTmMzWVEzRDBZMHlZNjg0NUp4NUIrdlhCbXRML0RDYmJvdm04QllyZEd0eXZ1SThGQXV6cmZWQm5idnBiSUpjZWxFYWNIK2tPZklJd05mTjgwOEF3WHlLRmRKSmRtZUIyWnBacVg3S2xnVm81aVNYRkhsR1hXUmpMbjRZL2pnSk53LzAwdnBCMnlRZz09fA&cppv=2

Request Chain 238

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQmYIr7iY892oK9shdmiDAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA00ijU-DVRSLRQsT9wRQk8&google_cver=1

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQmYIr7iY892oK9shdmiDAAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQmYIr7iY892oK9shdmiDAAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI678CzS7ot3kGRawPdUtio&google_cver=1

Request Chain 240

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQmYIr7iY892oK9shdmiDAAABGYAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQmYIr7iY892oK9shdmiDAAABGYAAAAB&dcc=t

Request Chain 242

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628105122&gdpr=1

Request Chain 243

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878972114959344

Request Chain 244

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A3BBBB9FCFC747A28AA969B774D8E59A&gdpr=1

Request Chain 245

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6813051221618811650&uid=Q6813051221618811650&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 247

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 261

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1

Request Chain 266

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ea5f6109-9823-4400-9ad3-d09bbcc6fe56

Request Chain 267

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wyd2k8wudJnYL3eazCdrmcYjIJ_YInHJxiEWwC0h

Request Chain 268

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1201678070558370457

Request Chain 271

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGnkzFNxMgwWZT1SR27fB9E&google_cver=1

Request Chain 276

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4287039048429367725

Request Chain 277

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=O8Gyognw1Mb02v5&gdpr=1

Request Chain 278

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=235f6109-9823-4500-8a83-53beecba4311&gdpr=1&gdpr_consent=

Request Chain 279

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YQmYIr7iY892oK9shdmiDAAA%261126?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQmYIr7iY892oK9shdmiDAAA%261126?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 283

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 284

https://newerafin.site/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP 302
https://google.com/

279 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set LMD1Nns6 Show response
newerafin.site/
Redirect Chain

https://hubedib.page.link/XGHQcZjb8HicGHZY9?1671199759fscjyavtgCrowd4226https://hubedib.page.link/XGHQcZjb8HicGHZY9?1671199759fscjyavtgCrowd4226
https://newerafin.site/LMD1Nns6

844 KB
157 KB

508ms
333ms

Document
text/html

179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: ad13fc021010340fc13f5319866836c9e12594f0f023c33a29884b4f607bbf26

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Content-Encoding: gzip
Expires: 0
Last-Modified: Tue, 03 Aug 2021 19:25:19 GMT
Pragma: no-cache
Set-Cookie: _subid=1dq3f8j1237;Expires=Friday, 03-Sep-2021 19:25:19 GMT;Max-Age=2678400;Path=/ 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg;Expires=Tuesday, 07-Mar-2073 14:50:38 GMT;Max-Age=1628105119;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

Redirect headers

content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 03 Aug 2021 19:25:19 GMT
location: https://newerafin.site/LMD1Nns6
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport script-src 'report-sample' 'nonce-TvQcIWFSLkZBtLlmIz5cJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-TvQcIWFSLkZBtLlmIz5cJA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
cross-origin-resource-policy: same-site
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK publishertag.prebid.js Show response
newerafin.site/lander/white5_1627283170/ 83 KB
24 KB 289ms
68ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/publishertag.prebid.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-14aab"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 200
OK osd.js Show response
newerafin.site/lander/white5_1627283170/ 73 KB
28 KB 198ms
86ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/osd.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-12393"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 200
OK sdk.js Show response
newerafin.site/lander/white5_1627283170/ 232 KB
68 KB 67ms
67ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/sdk.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: d6b499335edc1ecb50766973ae4f75a30ed2b4aaa9dcebafc48f91752e4b0f9c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-3a14d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK bat.js Show response
newerafin.site/lander/white5_1627283170/ 30 KB
9 KB 60ms
60ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/bat.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-7736"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK f.txt Show response
newerafin.site/lander/white5_1627283170/ 36 KB
14 KB 63ms
62ms Script
text/plain 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/f.txt
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: cbf1281dcf2b64d28c0cc90b38935f2ddc21bffa93fdc00f8423007a8ff2b687

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-8ea1"
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK cb=gapi.loaded_0 Show response
newerafin.site/lander/white5_1627283170/ 103 KB
103 KB 65ms
62ms Script
application/octet-stream 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/cb=gapi.loaded_0

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

9521f4fdae08590c448b2bc06153040ac41264ca6686c790c00e4e5c41e8e008

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-19bb0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105392

GET
H/1.1 200
OK slider.js Show response
newerafin.site/lander/white5_1627283170/ 227 KB
59 KB 68ms
67ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/slider.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 35e0bec81e1ce6b281ef99613532fd7aaed6e52ed6a618e446a021a379d337ba

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-38ada"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK 589xd066238.js Show response
newerafin.site/lander/white5_1627283170/ 5 KB
2 KB 57ms
57ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/589xd066238.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: a586732e33eaf1f7580044488d6a2370885c9221b2f532999bef43b4f7c67442

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-1386"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK analytics.js Show response
newerafin.site/lander/white5_1627283170/ 48 KB
20 KB 62ms
59ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/analytics.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-c0e1"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK gtm.js Show response
newerafin.site/lander/white5_1627283170/ 170 KB
57 KB 75ms
75ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/gtm.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 18e92e82b3017a304e06ca8f11fdd4febdcae8a45e478cc1b9129fb6e6a79ced

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-2a7b8"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET ns_vmtag.js
scrapbook:download:error:https://ps.ns-cdn.com/dsatserving2/scripts/ 0
0

GET
H/1.1 200
OK widgets.js Show response
newerafin.site/lander/white5_1627283170/ 95 KB
28 KB 203ms
93ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/widgets.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-17c4e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 200
OK platform.js Show response
newerafin.site/lander/white5_1627283170/ 54 KB
21 KB 214ms
104ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/platform.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 0e8d576c5bad45e091da77e1c8d1da278eb7b5ecf5835cffab2631c795713f98

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-d936"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 200
OK sdk-1.js Show response
newerafin.site/lander/white5_1627283170/ 3 KB
3 KB 168ms
56ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/sdk-1.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 853a28d5d36e72ab545857f5add4f57a5491bf0f63c18aac75d7009e50779424

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-c19"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3097
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 200
OK client.js Show response
newerafin.site/lander/white5_1627283170/ 181 KB
72 KB 216ms
102ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/client.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: c90e6958ef2a90b5d60d5fcc5c7e013cc91a8780cc51b8f0a32d8094976fb858

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-2d528"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 404
Not Found session.php
newerafin.site/lander/white5_1627283170/ 0
0 57ms
56ms Script
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/session.php
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H/1.1 200
OK gpt.js Show response
newerafin.site/lander/white5_1627283170/ 68 KB
24 KB 68ms
68ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/gpt.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 8ead66c45570261db495ce9eacdaf7fe533a186ca644bd51e920de146f4f865c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-111f0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK apstag.js Show response
newerafin.site/lander/white5_1627283170/ 123 KB
33 KB 74ms
74ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/apstag.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-1ed38"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK dealnews.js Show response
newerafin.site/lander/white5_1627283170/ 3 KB
4 KB 55ms
54ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/dealnews.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: b4bbb009b98b639ba85e68f306d3bdb0ec213e68476d25be0fb9a94d4701ab42

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-cad"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3245
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK dealnewscomDesktop_blog_feature_article.min.js Show response
newerafin.site/lander/white5_1627283170/ 304 KB
93 KB 201ms
91ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 7d22d9a3214e6aa558c9ee28eb620ded5ef6a7780b82f94ecb8298f84b0d88d7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-4c147"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 200
OK grumi-ip.js Show response
newerafin.site/lander/white5_1627283170/ 11 KB
5 KB 60ms
59ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/grumi-ip.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 4dc4abcd99f7976c1a0938575631974c55fa42bf76681e84ca56aeea3180966e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-2df3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK 5f0dcacb5440c8001264fa6f.js Show response
newerafin.site/lander/white5_1627283170/ 90 KB
19 KB 61ms
61ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/5f0dcacb5440c8001264fa6f.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 152077b426e3db30e0077655edecd70593f2534292fb8a11a80014257ba0f505

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-16895"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK style.css
newerafin.site/lander/white5_1627283170/ 805 B
1 KB 107ms
53ms Stylesheet
text/css 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/style.css
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 7dbdf39296ea9ea5fca372a71838e9d9fdfebd21758347de2d16bd03295f6294

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-325"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 805
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 200
OK f-1.txt Show response
newerafin.site/lander/white5_1627283170/ 2 KB
3 KB 170ms
57ms Script
text/plain 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/f-1.txt
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: c2e13a51bdb21ed01f75bbfb452cce3e77def97d4f95ac1e2161f2b060fa6453

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-8e0"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2272
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 200
OK 36002962.js Show response
newerafin.site/lander/white5_1627283170/ 0
343 B 61ms
61ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/36002962.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-0"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK pubads_impl_2021071401.js Show response
newerafin.site/lander/white5_1627283170/ 329 KB
114 KB 80ms
79ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-52345"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK f.txt-1.js Show response
newerafin.site/lander/white5_1627283170/ 107 B
453 B 200ms
52ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/f.txt-1.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-6b"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 200
OK f.txt.js Show response
newerafin.site/lander/white5_1627283170/ 107 B
453 B 208ms
52ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/f.txt.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:19 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-6b"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107
Expires: Fri, 13 Aug 2021 19:25:19 GMT

GET
H/1.1 200
OK dn-logo-white-web-2.png
newerafin.site/lander/white5_1627283170/ 981 B
1 KB 55ms
54ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/dn-logo-white-web-2.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 06a8ac62f1f1eb0935471679b9fd58e360ff81ace219f1c3c651fb535dd83cc3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-3d5"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 981
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK google_icon.svg
newerafin.site/lander/white5_1627283170/ 833 B
1 KB 59ms
58ms Image
image/svg+xml 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/google_icon.svg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: b163ccffc514a5d86b836108c2dfa2ae84c71b1af820257d78e048bb384f4ac1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-341"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 833
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK facebook_icon_white.svg
newerafin.site/lander/white5_1627283170/ 463 B
801 B 54ms
53ms Image
image/svg+xml 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/facebook_icon_white.svg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 03558a79f6d34c406c21c9c3c7807e3485e07d94a416bc8a630ad1f79e6b766f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-1cf"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 463
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK Julie-Circle.png
newerafin.site/lander/white5_1627283170/ 10 KB
10 KB 66ms
65ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/Julie-Circle.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 9218acbcc40b9977b87e70230da08a1b766af4896013a1cc23ebb412619f195f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-2821"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10273
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK eBay%20Inc.%20Headquarters.jpg
newerafin.site/lander/white5_1627283170/ 149 KB
149 KB 62ms
61ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/eBay%20Inc.%20Headquarters.jpg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: b095c6cc218a87dcfdf6b99a5bf4e7f7524ea3baa99ee1118a58b1765657e73a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-2521d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 152093
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK eBay_on_iPad.jpg
newerafin.site/lander/white5_1627283170/ 39 KB
40 KB 67ms
65ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/eBay_on_iPad.jpg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 6f2f17b5d56eaa4353b90b4607714ee18c1a23eaa1fee61715ad21ed64f8c685

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-9cdb"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40155
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK Young%20man%20cheering%20at%20smartphone.jpg
newerafin.site/lander/white5_1627283170/ 35 KB
35 KB 59ms
57ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/Young%20man%20cheering%20at%20smartphone.jpg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: bc4a808da0636c4f331711cbbe00a655cad5d357171d2329564eacb18a84e4e1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-8c31"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35889
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK Julie-Circle-1.png
newerafin.site/lander/white5_1627283170/ 34 KB
34 KB 61ms
59ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/Julie-Circle-1.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 5ceebdc539529efd2fca06540c4ed613a67796c4d96ecbd81c2f542f832e4f4a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-888b"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34955
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK user_avatar_100.png
newerafin.site/lander/white5_1627283170/ 2 KB
2 KB 77ms
58ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/user_avatar_100.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 3e194684c8e9b713e55b563aa486bd261b7ae694c9a5704a527e9278e290edb1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-624"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1572
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK js.js Show response
newerafin.site/lander/white5_1627283170/ 95 KB
37 KB 70ms
69ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/js.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 32b5733f4996a52e83a26b10397c44b39afd7ff7f121542d93485b0adf7c1722

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-17b50"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK 0
newerafin.site/lander/white5_1627283170/ 0
275 B 66ms
55ms Image
application/octet-stream 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newerafin.site/lander/white5_1627283170/0

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 232 KB
68 KB 69ms
21ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=86dc9c616a60e44b4ad2d7a5586ea721

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/sdk-1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78f269d8a3277a3f2371610ca27c85d02594a6064705a4d6ac34dd81da15b568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://newerafin.site
Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: cjqx7tYAEanf42fbgNQRpA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69060
x-fb-rlafr: 0
x-fb-debug: ixbAEEviHIP6tQl5LMINxoBWUR9JJ9Aecvnf9l1ksqqi77rTqg692BU18Da13hdpbanWs7hEv1pFHvlp8wSIRw==
x-fb-trip-id: 720026100
x-fb-content-md5: 1d8b489515689477ea10b8c5dc37d217
x-frame-options: DENY
date: Tue, 03 Aug 2021 19:25:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "dff89928eabb0890b9d9825088413c1d"
timing-allow-origin: *
expires: Tue, 26 Jul 2022 05:32:13 GMT

GET
H/1.1 200
OK dealnews.js Show response
dealnews.a.ssl.fastly.net/files/dealnews-js/1.12.4/ 3 KB
2 KB 388ms
278ms Script
application/javascript 199.232.192.249
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://dealnews.a.ssl.fastly.net/files/dealnews-js/1.12.4/dealnews.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.249 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4bbb009b98b639ba85e68f306d3bdb0ec213e68476d25be0fb9a94d4701ab42

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Encoding: gzip
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Length: 1259
x-amz-id-2: EwHeYPV4cHYcwRo/ZeAtRQEud00MGbg1PPytbQrtm9tIimwemRt3IlzMT9+6tdnYRDaambyEeEs=
X-Served-By: cache-hhn4058-HHN
Last-Modified: Mon, 14 Jun 2021 16:22:47 GMT
Server: AmazonS3
ETag: "7526a10de12107aae5272f8b0c33433c"
Vary: Accept-Encoding
x-amz-request-id: QDAW3KSVBHEPC7GY
Via: 1.1 varnish
Cache-Control: max-age=
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 95ms
40ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:20 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 10:59:58 GMT
server: nginx
etag: W/"60ec20ae-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 04 Aug 2021 19:25:20 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 171ms
63ms Script
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
content-encoding: gzip
server: Server
age: 135
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Tue, 03 Aug 2021 19:23:05 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: yjpvG5tZ88QyzdauAOdxScBXjGo3SqQWUsGXvWuA_ZJOHVT7OgP5Pw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 70 KB
24 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41184af56782217691e15b72f5672b6c7a6f45af7da021005759d8ff37a47719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "948 / 798 of 1000 / last-modified: 1627988914"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24729
x-xss-protection: 0
expires: Tue, 03 Aug 2021 19:25:20 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/613657585/ 42 B
108 B 17ms
16ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/613657585/?random=1627282725280&cv=9&fst=1627279200000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=11&u_tz=180&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7l1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dealnews.com%2Ffeatures%2FeBay%2Fhow-to-buy%2F&tiba=How%20to%20Buy%20on%20eBay&async=1&fmt=3&is_vtc=1&random=2438441721&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ru/pagead/1p-user-list/613657585/ 42 B
569 B 43ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/pagead/1p-user-list/613657585/?random=1627282725280&cv=9&fst=1627279200000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=11&u_tz=180&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7l1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dealnews.com%2Ffeatures%2FeBay%2Fhow-to-buy%2F&tiba=How%20to%20Buy%20on%20eBay&async=1&fmt=3&is_vtc=1&random=2438441721&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 session.php
www.dealnews.com/lw/ 0
0 259ms
156ms Script
text/html 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dealnews.com/lw/session.php?ts=2889255903840484&p=2&u=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&l=atl&d=DESKTOP&n=Feature%3A%20%5B2212735%5D%3A%20How%20to%20Buy%20on%20eBay&g=Feature%20Page&r=&t=FEATURE_ARTICLE&i=2212735&a=2212735&w=1600&h=1200
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 5f0dcacb5440c8001264fa6f Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 90 KB
19 KB 262ms
126ms Script
application/javascript 13.32.123.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f0dcacb5440c8001264fa6f
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.123.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-123-85.hel50.r.cloudfront.net
Software: /
Resource Hash: 152077b426e3db30e0077655edecd70593f2534292fb8a11a80014257ba0f505

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:15:57 GMT
via: 1.1 209eb3c6f1b9e1174696d24afc301619.cloudfront.net (CloudFront)
age: 563
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: HEL50-C2
content-encoding: gzip
x-amz-cf-id: YnfpmUGTACtQgE1eWmZAjQrQrZn2gU1OygEdpLJotS7yNfGPY2t8Ag==

GET
H/1.1 200
OK google_icon.svg
c.dlnws.com/image/upload/v1568828759/creative/icons/ 833 B
2 KB 206ms
50ms Image
image/svg+xml 151.101.13.95
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.dlnws.com/image/upload/v1568828759/creative/icons/google_icon.svg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.95 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b163ccffc514a5d86b836108c2dfa2ae84c71b1af820257d78e048bb384f4ac1

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Via: 1.1 varnish
Age: 488281
Edge-Cache-Tag: 170326365378043225325708294669163328194,61a8d6e101361542271c7d2de6c10548
Content-Disposition: attachment; filename="google_icon.svg"
Connection: keep-alive
Content-Length: 833
X-Served-By: cache-fra19169-FRA
X-Cache: HIT
Last-Modified: Wed, 18 Sep 2019 17:46:01 GMT
Server: cloudinary
X-Timer: S1628018720.304378,VS0,VE1
Etag: "780db3ae8cb057382ca45805f832c0ab"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H/1.1 200
OK facebook_icon_white.svg
c.dlnws.com/image/upload/v1569600470/creative/icons/ 463 B
1 KB 199ms
50ms Image
image/svg+xml 151.101.13.95
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.dlnws.com/image/upload/v1569600470/creative/icons/facebook_icon_white.svg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.95 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 03558a79f6d34c406c21c9c3c7807e3485e07d94a416bc8a630ad1f79e6b766f

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Via: 1.1 varnish
Age: 1100177
Edge-Cache-Tag: 109077654884003298465842748263680756279,61a8d6e101361542271c7d2de6c10548
Content-Disposition: attachment; filename="facebook_icon_white.svg"
Connection: keep-alive
Content-Length: 463
X-Served-By: cache-fra19145-FRA
X-Cache: HIT
Last-Modified: Fri, 27 Sep 2019 16:07:52 GMT
Server: cloudinary
X-Timer: S1628018720.304295,VS0,VE1
Etag: "17ec5c0c5eac4015d4a5433768a37074"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
H/1.1 200
OK map_20180222.svg
newerafin.site/lander/white5_1627283170/ 16 KB
16 KB 55ms
55ms Image
image/svg+xml 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/map_20180222.svg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 30458c50c79be7e1c20b30412c295f8bc0682d4b1f16667d570ca93aee2fb550

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-3f23"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16163
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK 06db651cdf354c64a7383ea9c77024ef4fb4cef8.woff
newerafin.site/lander/white5_1627283170/ 15 KB
15 KB 61ms
58ms Font
font/woff 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/06db651cdf354c64a7383ea9c77024ef4fb4cef8.woff
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Origin: https://newerafin.site
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-3bf0"
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15344
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK newuserlb_close.png
newerafin.site/lander/white5_1627283170/ 644 B
978 B 79ms
58ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/newuserlb_close.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: a0a0137eab139b6a47e43ce907a0552975fc9b69aff3335779ef178f653bd70f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-284"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 644
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK roboto-v18-latin-500.woff2
newerafin.site/lander/white5_1627283170/ 15 KB
16 KB 65ms
55ms Font
font/woff2 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/roboto-v18-latin-500.woff2
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Origin: https://newerafin.site
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-3cc0"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15552
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK 619389190b3cafafb5db94113990350acc8a0278.woff
newerafin.site/lander/white5_1627283170/ 15 KB
15 KB 69ms
55ms Font
font/woff 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/619389190b3cafafb5db94113990350acc8a0278.woff
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Origin: https://newerafin.site
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-3c4c"
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15436
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK roboto-v18-latin-300.woff2
newerafin.site/lander/white5_1627283170/ 15 KB
15 KB 80ms
63ms Font
font/woff2 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/roboto-v18-latin-300.woff2
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Origin: https://newerafin.site
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-3c50"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15440
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK index_9.html Show response
newerafin.site/lander/white5_1627283170/ Frame F32A 63 KB
30 KB 97ms
65ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_9.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

0b12397b5b55a7412531b1086b5bcbb520927f6797bc941e0ff126d0a6f5949f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60fe5f45-fd60"
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H2 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
114 KB 183ms
59ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Tue, 03 Aug 2021 19:25:20 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
706 B 168ms
51ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=newerafin.site

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6524bc72514bb645f1ec5b38c1e6289dd781e2c48a7f79b23ff3f331b982682a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49
x-xss-protection: 0
expires: Tue, 03 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK roboto-v18-latin-700italic.woff2
newerafin.site/lander/white5_1627283170/ 16 KB
17 KB 55ms
55ms Font
font/woff2 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/roboto-v18-latin-700italic.woff2
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 756f65bc72ad18ac281e8ef320de3347f26d402701aeb8f659f33ffb8f036ccb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Origin: https://newerafin.site
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-40bc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16572
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK roboto-v18-latin-500italic.woff2
newerafin.site/lander/white5_1627283170/ 17 KB
17 KB 58ms
57ms Font
font/woff2 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/roboto-v18-latin-500italic.woff2
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: a44484ecc8b7aa5da1603d6a7256d3eea3c5c8e5c6f50bcdb220b303e4b2010a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Origin: https://newerafin.site
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-422c"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16940
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK roboto-v18-latin-300italic.woff2
newerafin.site/lander/white5_1627283170/ 17 KB
17 KB 60ms
59ms Font
font/woff2 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/roboto-v18-latin-300italic.woff2
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: f35f6616aa2148b09cbdefd3aec6d3d3e94b83327346ef0d5cdac2e3b6537526

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Origin: https://newerafin.site
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-42e4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17124
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK gzjmmqqp8l2lvezsfm9s.png.jpeg
newerafin.site/lander/white5_1627283170/ 5 KB
6 KB 60ms
57ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/gzjmmqqp8l2lvezsfm9s.png.jpeg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 8fe20551d6fbafaa6953cef0694c27ab9e381d137b530467c99b4cea674f08b6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-1567"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5479
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK gn4x06rv5admhvnjmqcj.png.jpeg
newerafin.site/lander/white5_1627283170/ 13 KB
14 KB 58ms
55ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/gn4x06rv5admhvnjmqcj.png.jpeg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 01559f57641df820b03be9dcb3d02dd95bdc0317715bbd280fd8a7b57ac4b2ff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-353e"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13630
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK s5xk2olfpzgbmrhd1a0p.jpg
newerafin.site/lander/white5_1627283170/ 15 KB
15 KB 58ms
56ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/s5xk2olfpzgbmrhd1a0p.jpg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 6ebd701bf3040d7db200cdb8bc5e9687fb3ebddd73212261f33166579281a7ba

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-3a84"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14980
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK uxh8j8qgdhxhjzeaw01t.jpg
newerafin.site/lander/white5_1627283170/ 22 KB
23 KB 65ms
62ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/uxh8j8qgdhxhjzeaw01t.jpg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 208585964835b9fb026ab6b094968be6cb37e9e8a8815e20ff1d45926f2db7d9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-590d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22797
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK lvmjzzkungoquawxrpdr.jpg
newerafin.site/lander/white5_1627283170/ 9 KB
9 KB 58ms
56ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/lvmjzzkungoquawxrpdr.jpg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: f5e848c7e4540313da4a87963317f576f042ab3b4c632d3a7443dc09fe27fd68

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-22c3"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8899
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK cyqbbmmpg2no16swdlyr.jpg
newerafin.site/lander/white5_1627283170/ 5 KB
5 KB 61ms
59ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/cyqbbmmpg2no16swdlyr.jpg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 7697b75794dbcd4cc0a5a80fd74c57de9c03227d994f2ae9f0c75ee0f64e2d4a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-1299"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4761
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK cnnnmlvvmjyrm9tknga5.png
newerafin.site/lander/white5_1627283170/ 13 KB
13 KB 73ms
70ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/cnnnmlvvmjyrm9tknga5.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 724c4777740854820101c5820d2f5abd5d21d6497462b628d06c3ae6e7f40074

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-3361"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13153
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK d3gotan3j5ngmo9gjppl.jpg
newerafin.site/lander/white5_1627283170/ 5 KB
6 KB 61ms
58ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/d3gotan3j5ngmo9gjppl.jpg
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: ca776816920a0faa88aa54be0deb5c0e39896233866f4104836eede8f257cb09

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-15ae"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5550
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK jvvf3jvteukciynpmh2g.png
newerafin.site/lander/white5_1627283170/ 6 KB
6 KB 76ms
73ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/jvvf3jvteukciynpmh2g.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: b4939310e41a8e4d893cb1553d9e5cf8e6ce56bab6ce3c27d38716938bd088b9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-16c0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5824
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK ss5hilyq0doty3suetj2.png
newerafin.site/lander/white5_1627283170/ 4 KB
5 KB 115ms
53ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/ss5hilyq0doty3suetj2.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 6769ec7a7f18db76ca106c0d5e8fa1e62009f77c854d0c20781f37e8236a4ac1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-11d0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4560
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET
H/1.1 200
OK index_1.html Show response
newerafin.site/lander/white5_1627283170/ Frame F07F 7 KB
4 KB 104ms
54ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_1.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

0f71c18e596afe5b3d7ce830c059db258c02747c199c05f8b4dda15def85d553

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60fe5f45-1ba9"
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK index_16.html Show response
newerafin.site/lander/white5_1627283170/ Frame 4117 215 KB
46 KB 120ms
71ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_16.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

561d1d847a8222278229ac5ea23c4268d0a7570bf39f48eecfcb0dc53412c380

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60fe5f45-35c0c"
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK index_2.html Show response
newerafin.site/lander/white5_1627283170/ Frame 696D 7 KB
4 KB 108ms
59ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_2.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

b004662ad33746c24b0cc204d2011917a32c55760c2ec6186573ed54a76f99bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60fe5f45-1ba9"
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK July-2021-Sweeps-General-Placement-png.png
newerafin.site/lander/white5_1627283170/ 17 KB
18 KB 105ms
60ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/July-2021-Sweeps-General-Placement-png.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: b2ce8f0111469e10cddbc1316fc307acfd3245088b363f7e9d46496e0fabb054

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/LMD1Nns6
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-45f7"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17911
Expires: Fri, 13 Aug 2021 19:25:20 GMT

GET ns_vmtag.js
ps.ns-cdn.com/dsatserving2/scripts/ 0
0

GET
H/1.1 200
OK index_3.html Show response
newerafin.site/lander/white5_1627283170/ Frame 8AAE 7 KB
4 KB 86ms
57ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_3.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

ce17e3b628441f5b4d804cbf5c12b57456166492bbaa9395a7ad6b75d03a34ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60fe5f45-1ba9"
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
303 B 154ms
154ms XHR
text/plain 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&pubid=6d0c7ea7-f036-437d-be93-21fc59c890c2
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:20 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://newerafin.site
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: Ws8DqfnlPlON7XGVLJ3rIT8u0p3kmjRq43WY7-UFvDZonKyUqp7uow==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
371 B 158ms
158ms XHR
text/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&pid=BSbuk9bas26Wf&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x400%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_A.37539.7_dealnews.com_tier1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_A.37540.4_dealnews.com_tier1%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_A.37541.4_dealnews.com_tier1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_A.37543.7_dealnews.com_tier1%22%7D%5D&cfgv=0&schain=1.0%2C1!pubgalaxy.com%2C3800%2C1%2C%2C%2C&pubid=6d0c7ea7-f036-437d-be93-21fc59c890c2&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:20 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://newerafin.site
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 7JM2KzGTepsECwob-u0_f-RyvqBazwGO9NM-j9OQqwE64yUAOLjw-g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 159ms
53ms XHR
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 19181
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Tue, 03 Aug 2021 14:05:40 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: bNv1UrUwktmvlAa5GRZMYetcAd6fHVZtZjPvrC70gnwvZzwjrx3KvA==

POST
H/1.1 404
Not Found logger.php
newerafin.site/lw/ 548 B
696 B 57ms
57ms Ping
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lw/logger.php
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Sec-Fetch-Mode: no-cors
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg
Connection: keep-alive
Content-Length: 298
Pragma: no-cache
Host: newerafin.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Accept: */*
Cache-Control: no-cache
Referer: https://newerafin.site/LMD1Nns6
Sec-Fetch-Site: same-origin
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
58 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLP4HVK

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49704ac7390764e7919c42cebcdfe7834653da38e5c68ab9170ed4b3bdacc942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59003
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Aug 2021 19:25:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 699
date: Tue, 03 Aug 2021 19:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Tue, 03 Aug 2021 21:13:41 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=308077231&t=pageview&_s=1&dl=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&ul=en-us&de=UTF-8&dt=How%20to%20Buy%20on%20eBay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABUAAAAC~&jid=963939300&gjid=1113135314&cid=306934076.1628018721&tid=UA-70020-1&_gid=1474232014.1628018721&_r=1&_slc=1&cd1=Feature%20Page&cd2=Feature%3A%20%5B2212735%5D%3A%20How%20to%20Buy%20on%20eBay&cd3=DESKTOP&cg1=Feature%20Page&cg2=Feature%3A%20%5B2212735%5D%3A%20How%20to%20Buy%20on%20eBay&z=598308896

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newerafin.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 589xd066238.js Show response
tracker.marinsm.com/tracker/async/ 5 KB
2 KB 182ms
52ms Script
text/javascript 143.204.98.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.marinsm.com/tracker/async/589xd066238.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-9.fra50.r.cloudfront.net
Software: /
Resource Hash: a586732e33eaf1f7580044488d6a2370885c9221b2f532999bef43b4f7c67442

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:44:32 GMT
content-encoding: gzip
age: 20449
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-marintrackerversion: 3
x-amz-cf-id: VOeHHtTHyLMJmjM3RB90ybeAdWzdDo7yzgAFoAQP_VNe15ZvXM-IkA==
expires: Tue, 03 Aug 2021 13:47:25 GMT

GET
H2 200 tp
tracker.marinsm.com/ 36 B
464 B 198ms
68ms Image
image/gif 143.204.98.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.marinsm.com/tp?act=1&cid=589xd066238&tz=-2&ref=&page=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&uuid=A96B704C-C778-4352-B559-97735251F17F&rnd=820587757
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-9.fra50.r.cloudfront.net
Software: /
Resource Hash: be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:21 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-cache
x-marintrackerversion: 3
content-length: 36
x-amz-cf-id: 81SGxcspJfnQof4EyGo4TechOq7XsjVjWtl5TiVX-msS9zhDcotweA==

POST
H/1.1 404
Not Found ul.php
newerafin.site/lw/ 548 B
696 B 58ms
57ms Ping
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lw/ul.php
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Sec-Fetch-Mode: no-cors
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F
Connection: keep-alive
Content-Length: 45
Pragma: no-cache
Host: newerafin.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Accept: */*
Cache-Control: no-cache
Referer: https://newerafin.site/LMD1Nns6
Sec-Fetch-Site: same-origin
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Tue, 03 Aug 2021 19:25:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H/1.1 200
OK index_6.html Show response
newerafin.site/lander/white5_1627283170/ Frame AAA1 526 B
790 B 63ms
62ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_6.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

71e08572a5d417cb07e4efa2e38466a65da8b2b8e102c9db00c6adf70067bf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Content-Length: 526
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Connection: keep-alive
ETag: "60fe5f45-20e"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 56ms
55ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/js.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 19:25:20 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 32ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:20 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: A6BE52AA1DD34F89812E703485628891 Ref B: FRAEDGE1518 Ref C: 2021-08-03T19:25:20Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H/1.1 200
OK index_10.html Show response
newerafin.site/lander/white5_1627283170/ Frame 5761 6 KB
3 KB 58ms
56ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_10.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

c827a86d0d89a5818e2997f0731ac13aa3fbf0147f9ea9dd1c7b0420854b9aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60fe5f45-187a"
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK index_5.html Show response
newerafin.site/lander/white5_1627283170/ Frame 5A20 319 B
583 B 59ms
57ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_5.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

637059c3dcbc6617fb06a83eb5befb0b1f26a3126be2b660d3642de310be1527

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Content-Length: 319
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Connection: keep-alive
ETag: "60fe5f45-13f"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

GET
H/1.1 200
OK index_4.html Show response
newerafin.site/lander/white5_1627283170/ Frame 7BEF 139 B
402 B 58ms
56ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_4.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

d322f1f4d60227692b85d713e00403235d0287ee4c2963010eaba969b9f81f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Content-Length: 139
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Connection: keep-alive
ETag: "60fe5f45-8b"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

GET
H/1.1 200
OK index_18.html Show response
newerafin.site/lander/white5_1627283170/ Frame F774 319 KB
103 KB 69ms
68ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_18.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

321382ad2e6690966361a24b557d925f4f766461d1a108412b2a4d85112a4f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60fe5f45-4fdcb"
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK index_12.html Show response
newerafin.site/lander/white5_1627283170/ Frame 24CC 3 KB
3 KB 69ms
59ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_12.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

b1ec3a25550e54acc2f171f2dbbe153d1d6f3b9b9263392246fce96627b70a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Content-Length: 2603
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Connection: keep-alive
ETag: "60fe5f45-a2b"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

GET
H/1.1 200
OK index_13.html Show response
newerafin.site/lander/white5_1627283170/ Frame 4EC0 52 KB
17 KB 92ms
63ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_13.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

4091df774cd7a906cb15d6e87fae3c705c2f06cc32a6e642e63e2bf9363533cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:20 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60fe5f45-d011"
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK index_11.html Show response
newerafin.site/lander/white5_1627283170/ Frame 5DBF 257 B
521 B 96ms
54ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_11.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

316ab64ae6290ec0684081170a75a37bf02aadb13ce413964a776cc0775e008f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Type: text/html
Content-Length: 257
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Connection: keep-alive
ETag: "60fe5f45-101"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

GET
H/1.1 200
OK index_8.html Show response
newerafin.site/lander/white5_1627283170/ Frame DA65 413 B
677 B 95ms
54ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_8.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

5b92d7d1b641847590d71e744e090e85937f56e470d0fcaf3743ae6929dd5bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/LMD1Nns6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/LMD1Nns6

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Type: text/html
Content-Length: 413
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Connection: keep-alive
ETag: "60fe5f45-19d"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 56E1 319 KB
103 KB 41ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fnewerafin.site
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 82047
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 03 Aug 2021 19:25:20 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8ED6 11 KB
5 KB 50ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=newerafin.site

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=newerafin.site
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newerafin.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1453
set-cookie: uid=414250f6-738e-414c-bb6c-bc410d6c0e4d; expires=Sun, 28 Aug 2022 19:25:20 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Tue, 03 Aug 2021 19:25:20 GMT
content-length: 4664

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 36ms
12ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnewerafin.site%2F&domain=newerafin.site&cw=1&pbt=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://newerafin.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://newerafin.site
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1448
date: Tue, 03 Aug 2021 19:25:20 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnewerafin.site%2F&domain=newerafin.site&cw=1&pbt=1
https://mug.criteo.com/sid?cpp=8jAA53w5MXZEZ2tEZEUvanlaRWpzU3ZCZTFvdGpQNzdMUldqK1NuZFc0ZjRvZ3Z2aWNxbVVSbEROL29YUXovb2p1V3NVb0FqalJQQUJKYldnTUdUZFpBNk1NanFydlZJc3M2NXZrRGg1Z2dmbFFrZFNhQWFlbFBNcXhlN0...

454 B
679 B

162ms
63ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8jAA53w5MXZEZ2tEZEUvanlaRWpzU3ZCZTFvdGpQNzdMUldqK1NuZFc0ZjRvZ3Z2aWNxbVVSbEROL29YUXovb2p1V3NVb0FqalJQQUJKYldnTUdUZFpBNk1NanFydlZJc3M2NXZrRGg1Z2dmbFFrZFNhQWFlbFBNcXhlN0lETTNlWFN4WWZjaDBqMzNveTNhRGhYWkxJdWpoNGFIc0Z5WGNoc2dEa1B1cGNrZnlLNHErbUw2bTU5L1M1K0xSYjlsY2ZjZHhXT2NZeG1Bc3Z3UmFvTFdYWmhKZkw3YkJUR3RBMSttTW92WnFpRHRWTHAvL2hORXZoWFNtRWE0VDFZYmhGeElpUmlzcXZkUVZOMHhqY0hiVHpVTmhGZz09fA&cppv=2

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

aaf604d45507622e885dda1bbde86c0d7364a93f39582a7ad9105595324fb3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 03 Aug 2021 19:25:20 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2167
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 03 Aug 2021 19:25:20 GMT
location: https://mug.criteo.com/sid?cpp=8jAA53w5MXZEZ2tEZEUvanlaRWpzU3ZCZTFvdGpQNzdMUldqK1NuZFc0ZjRvZ3Z2aWNxbVVSbEROL29YUXovb2p1V3NVb0FqalJQQUJKYldnTUdUZFpBNk1NanFydlZJc3M2NXZrRGg1Z2dmbFFrZFNhQWFlbFBNcXhlN0lETTNlWFN4WWZjaDBqMzNveTNhRGhYWkxJdWpoNGFIc0Z5WGNoc2dEa1B1cGNrZnlLNHErbUw2bTU5L1M1K0xSYjlsY2ZjZHhXT2NZeG1Bc3Z3UmFvTFdYWmhKZkw3YkJUR3RBMSttTW92WnFpRHRWTHAvL2hORXZoWFNtRWE0VDFZYmhGeElpUmlzcXZkUVZOMHhqY0hiVHpVTmhGZz09fA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://newerafin.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1654
content-length: 541
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 489 B
1 KB 222ms
120ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4bf1fb5d8f9a3d712c982a8589f7c1b3ab8260aae9ea4f9f94baab0471953c09

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:21 GMT
X-Proxy-Origin: 37.120.156.140; 37.120.156.140; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ba7df752-cfe3-43cf-81b2-2af6b18a55ce
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://newerafin.site
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 489
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
370 B 169ms
68ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=532507&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2268117cc14b4ad9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnewerafin.site%2FLMD1Nns6%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%224.37.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubgalaxy.com%22%2C%22sid%22%3A%223800%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2272d106816bc5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22532507%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2289a87446d016cc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22532508%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2295deb23d4f8a88%22%2C%22ext%22%3A%7B%22siteID%22%3A%22532509%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210f4b68467b500f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22532510%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2272d106816bc5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22532507%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2272d106816bc5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22532507%22%2C%22sid%22%3A%22300x400%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A400%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2272d106816bc5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22532507%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 036ec0d3f4b621650aa3c647ae9d29d9ad1a5344f25d503a3e82669a8fdfaef3

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[PL], RC:[], CN:[EU], CIP:[37.120.156.140], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newerafin.site
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 09
expires: Tue, 03 Aug 2021 19:25:21 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 190ms
61ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=110&profileId=185&av=33&wv=4.37.0&cb=78359648232
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://newerafin.site
date: Tue, 03 Aug 2021 19:25:20 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 30 B
616 B 227ms
56ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22170f2162c175fa8%22%3A%224382cc1c28d8cd473da5%7C300x250%2C300x600%2C300x400%2C160x600%22%2C%22181249f8cd19852%22%3A%2299838bc2ac9212676f98%7C300x250%22%2C%2219b1e27b5915dfc%22%3A%22c1081f5f9b22b76c8b41%7C300x250%22%2C%22202b99ab1064f2f%22%3A%22eebb3e10afa71b1e1d24%7C300x600%22%7D&ref=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&s=f80aab97-c093-4ad3-b002-2e09753e1118&pv=a61cf915-fd5c-49ff-a34a-a3c8caba8774&vp=desktop&lib_name=prebid&lib_v=4.37.0&us=3&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubgalaxy.com%22%2C%22sid%22%3A%223800%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22cb67eaa5-2fb9-4a87-bd95-5b9bbd488431%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cb67eaa5-2fb9-4a87-bd95-5b9bbd488431%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:21 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://newerafin.site
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 30
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 arj Show response
pubgalaxy-d.openx.net/w/1.0/ 172 B
558 B 172ms
57ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubgalaxy-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c4093177-39b3-427a-aa55-2bd2aa5e8a01%2C2be36fd4-b76f-498b-b326-72d83d7cbca9%2C28ea1ded-2316-4692-b54c-2805120957fa%2C110ff5ec-8c20-4a1d-974f-5106d0c3df11&nocache=1628018721106&pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431&schain=1.0%2C1!pubgalaxy.com%2C3800%2C1%2C%2C%2C&aus=300x250%2C300x600%2C300x400%2C160x600%7C300x250%7C300x250%7C300x600&divIds=div-gpt-ad-dealnewscom37539%2Cdiv-gpt-ad-dealnewscom37540%2Cdiv-gpt-ad-dealnewscom37541%2Cdiv-gpt-ad-dealnewscom37543&auid=541131221%2C541131591%2C541132896%2C541132903&aumfs=10%2C10%2C10%2C10
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: b7e96ebdcc20e65883a822b3a00dfef6e1f70837061033d8726aeea8e67e2c90

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://newerafin.site
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 306 B
1 KB 203ms
56ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=330726&zone_id=1749670&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!pubgalaxy.com,3800,1,,,&eid_pubcid.org=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431%5E1&rf=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&tk_flint=pbjs_lite_v4.37.0&x_source.tid=c4093177-39b3-427a-aa55-2bd2aa5e8a01&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9438175364077261
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c07fc7f4d158db9bbe9a8f9d85b78ba9328a41351212da08e40f16bdd94a5e9a

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:21 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://newerafin.site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 306
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 202ms
55ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=330726&zone_id=1750002&size_id=15&rp_schain=1.0,1!pubgalaxy.com,3800,1,,,&eid_pubcid.org=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431%5E1&rf=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&tk_flint=pbjs_lite_v4.37.0&x_source.tid=2be36fd4-b76f-498b-b326-72d83d7cbca9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6315141435137854
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: bbf8fc8c0de16cb5b289044f91edea000663b1f970bda252c4dc16f0abf32d73

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:21 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://newerafin.site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 212ms
64ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=330726&zone_id=1750472&size_id=15&rp_schain=1.0,1!pubgalaxy.com,3800,1,,,&eid_pubcid.org=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431%5E1&rf=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&tk_flint=pbjs_lite_v4.37.0&x_source.tid=28ea1ded-2316-4692-b54c-2805120957fa&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.508672573626612
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 015a0499776620c0c404da5f0005b46d66b2ab0ae456992c10067b6eb31fa632

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:21 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://newerafin.site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 212ms
65ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=330726&zone_id=1750514&size_id=10&rp_schain=1.0,1!pubgalaxy.com,3800,1,,,&eid_pubcid.org=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431%5E1&rf=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&tk_flint=pbjs_lite_v4.37.0&x_source.tid=110ff5ec-8c20-4a1d-974f-5106d0c3df11&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.972154600221492
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 8f3ec4c25a5cd627784299ebe45ffb9df4012439050702519bafa06aa6535cba

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:21 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://newerafin.site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-70020-1&cid=306934076.1628018721&jid=963939300&gjid=1113135314&_gid=1474232014.1628018721&_u=aEBAAAAAUAAAAC~&z=2060790531

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 03 Aug 2021 19:25:21 GMT
content-type: text/plain
access-control-allow-origin: https://newerafin.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 404
Not Found ul.php
newerafin.site/lw/ 548 B
696 B 54ms
54ms Ping
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lw/ul.php
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Sec-Fetch-Mode: no-cors
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431
Connection: keep-alive
Content-Length: 41
Pragma: no-cache
Host: newerafin.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Accept: */*
Cache-Control: no-cache
Referer: https://newerafin.site/LMD1Nns6
Sec-Fetch-Site: same-origin
Referer: https://newerafin.site/LMD1Nns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-613657585

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/gtm.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f95084d20675c6d9f00baa1afbee7336a2fc2b2d57ede7d651dd86655daa80a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38821
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK UFYwWwmt.js Show response
newerafin.site/lander/white5_1627283170/ Frame F32A 41 KB
15 KB 70ms
65ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/UFYwWwmt.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-a28a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK f-2.txt Show response
newerafin.site/lander/white5_1627283170/ Frame F32A 6 KB
3 KB 58ms
55ms Script
text/plain 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/f-2.txt
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-18d3"
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK gen_204.gif
newerafin.site/lander/white5_1627283170/ Frame F32A 42 B
374 B 232ms
57ms Image
image/gif 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/gen_204.gif
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-2a"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK 3903259572706743127.jpeg
newerafin.site/lander/white5_1627283170/ Frame F32A 131 KB
131 KB 234ms
56ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/3903259572706743127.jpeg
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: db57910557cd7701310fbc58b1dc943b4d1df44610b6e3c5a22d51d44bb169e3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-20b48"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 133960
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK f-3.txt Show response
newerafin.site/lander/white5_1627283170/ Frame F32A 18 KB
8 KB 149ms
59ms Script
text/plain 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/f-3.txt
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-4902"
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK f-4.txt Show response
newerafin.site/lander/white5_1627283170/ Frame F32A 2 KB
3 KB 237ms
59ms Script
text/plain 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/f-4.txt
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-9e1"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2529
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK rx_lidar.js Show response
newerafin.site/lander/white5_1627283170/ Frame F32A 124 KB
38 KB 181ms
106ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/rx_lidar.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-1ef57"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK f-5.txt Show response
newerafin.site/lander/white5_1627283170/ Frame F32A 14 KB
6 KB 174ms
58ms Script
text/plain 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/f-5.txt
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-37fc"
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 178ms
57ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1046
date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 204 36002962.js Show response
bat.bing.com/p/action/ 0
93 B 184ms
184ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/36002962.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 03 Aug 2021 19:25:20 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: C88C61AE529F4CF49DD2F6B930745E0A Ref B: FRAEDGE1518 Ref C: 2021-08-03T19:25:21Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
93 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=36002962&Ver=2&mid=cbc85792-5308-496b-b68e-8f6b95766b25&sid=8b262030f49011eb96e7ebce68debd63&vid=8b264fa0f49011eba0aa1551958ef9ab&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=How%20to%20Buy%20on%20eBay&kw=How,to,Buy,on,eBay&p=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&r=&lt=2153&evt=pageLoad&msclkid=N&sv=1&rn=841359
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 03 Aug 2021 19:25:20 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: C4085950131240C981C0C7923E2602A6 Ref B: FRAEDGE1518 Ref C: 2021-08-03T19:25:21Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/613657585/ 2 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/613657585/?random=1628018721201&cv=9&fst=1628018721201&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7l1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&tiba=How%20to%20Buy%20on%20eBay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d17de0c3f4006643b304d30c54ebe97b85320570e0e2be4bec47a3f479b8adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1033
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rx_lidar.js Show response
newerafin.site/lander/white5_1627283170/ Frame F07F 124 KB
38 KB 67ms
65ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/rx_lidar.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_1.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-1ef57"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F07F 0
25 B 86ms
84ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLjANgcr0bGtlo9_Fj1XLMucHVpepeTQZ7vM9B-YOkUkCWYYbi1mRQ4IiOzfpyjVj0SQDtFtMdbZMUQuL8n5VxEgZ3IZxL2op8g2IJ10MCT4hIihRSBE4u4xWNS4JsDZ0Cvt9Cle9Ls-oqhj9jmWADy34tzfpzhuX_flKmDd6QZ_KHNis6tV_7ya-J23fI3cfSf_QeQv7V5Zu-u3zpwQnjJg6XDAYaTqOS6kedbwOkgUc0RpttsnektY7VbzhUtczVSqU0AWnKXha0N0bIUys1uO8h3a3JbJLR70YPDIc-kxatDTQ0dCZtUwPbYmlSBbhQWrags6X_HSY&sai=AMfl-YRAn6Bq3meeiNlvqTHgqWS0bHH0dI0AXO998nwBaf2RleBSXRAPcm8wPt3Ikqqq0eAwh4WEPgtcyxechkUG45-KtAx8wvtaGcfyB6AP4ou69eFWPCkT6BJTcmfw9Ek-&sig=Cg0ArKJSzPEFNGGAjhZJEAE&urlfix=1&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_1.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK rx_lidar.js Show response
newerafin.site/lander/white5_1627283170/ Frame 696D 124 KB
38 KB 72ms
71ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/rx_lidar.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_2.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-1ef57"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 696D 0
25 B 85ms
84ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvo32PxNh9vtlXJ3C5r7sMFlpqKVGsd7Zv-wqRtlf6wB7TMT-xKbe9HJLpfFwsiftsUvPlSW2ta7fH7MAAx0j43K8J8-YgoSLiGhxShKAVMlZEe6MNS_FlaYKaoTbac7_WHnafPgW1TFiJm4b_5hI7HN3S12z_ksbg4RXQfkEkfgc4RZrBhf_Hyfa8y6ruK7xa2Jw6opn7ttD-UABThwPrqAQsrQsedbSTUt49MtGDoFv9NriBi5mjgijfg12peJOesN-JHY3QM-yZY6NvwiwqBGhmTF1PGM_axZeR-6YTSs-mDskYc2TOlZY0XTFj0eOFqAVkVbtT7Ogg&sai=AMfl-YQ35hs3HAxj9kgBUoRxDYhYSu8ncj7wgtIT26EWThiMX7kK7biuFD931dwavz-TUMh8R6X3v_Wl7BsBSnUaHdb7D_P4OGZpqyVcLIT6mTpe024uSYVKFcq7UjOjo8MO&sig=Cg0ArKJSzAQOLYHn-WYrEAE&urlfix=1&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_2.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK embed.js Show response
newerafin.site/lander/white5_1627283170/ Frame 4117 26 KB
8 KB 70ms
69ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/embed.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 02aa7030f179a7105f64876b3774a767d9d2977928f7a5cfc5b937aea15ea34e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-6928"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK q1ky2waotAkvjuvP5B7TcFq3cS4nsNrI8l5t57HmyWE.js Show response
newerafin.site/lander/white5_1627283170/ Frame 4117 35 KB
15 KB 79ms
62ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/q1ky2waotAkvjuvP5B7TcFq3cS4nsNrI8l5t57HmyWE.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: ab5932db06a8b4092f8eebcfe41ed3705ab7712e27b0dac8f25e6de7b1e6c961

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-8b0e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK remote.js Show response
newerafin.site/lander/white5_1627283170/ Frame 4117 97 KB
32 KB 97ms
70ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/remote.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 35a45c8fa5d5c65a247f05909ee183bee255b5c473e1bb7a6fe3e6bead0f1932

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-1841c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK ad_status.js Show response
newerafin.site/lander/white5_1627283170/ Frame 4117 29 B
374 B 130ms
57ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/ad_status.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-1d"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK www-player-webp.css
newerafin.site/lander/white5_1627283170/ Frame 4117 302 KB
42 KB 77ms
75ms Stylesheet
text/css 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/www-player-webp.css
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: a9a968b4b1c4238f84c189eb749ce350e4a3ad7e81c3770f134b893b3be1918f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-4b60d"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK rx_lidar.js Show response
newerafin.site/lander/white5_1627283170/ Frame 8AAE 124 KB
38 KB 144ms
64ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/rx_lidar.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_3.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_3.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-1ef57"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AAE 0
25 B 79ms
78ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvE74IuUKq7195C-jJBwZgfcF3050k2FyeFg2JtpmS584GW8krX1fF2zjOTH71MYkVPNcsL9JROVt50HexgD5XhOcEkJf7dqhHaHFSGeHj0WltnBQVfZHuoX5OrEKLXYepBK3Z5aTAZ2rlnv6MI6bWV_BJgHZ-UxqUuxClZ-EM2SBGGkKsCnQsZP4YTGhcj4KuERTN8dsUgt4iQOpzE2ZHqP2ehZ1gJk7ySmzTjKjPHzqL9jO50avRnu7UAk1xtQILLUcMbvQ_fPD5siXAJ3k0b80cfKEAr62BsAuzTIL2e8JKS4yUjEM95gdi-Pb2UROKdeyAqEDA9iI&sai=AMfl-YQsY0OEaTfo_Sp5ojMT_5dPWjf_0OzMUWRxcghetC2Ym_D9hWj8Ngb2I9pFQxLzHuu83XWk-t_sKyxRxMAv2kneAEXC2eyrwxByFFy5VYrlW2uIG8kMziQb_cY0R3c8&sig=Cg0ArKJSzDU0z8UEomMDEAE&urlfix=1&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_3.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK 2027744502-idpiframe.js Show response
newerafin.site/lander/white5_1627283170/ Frame AAA1 116 KB
40 KB 141ms
73ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/2027744502-idpiframe.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_6.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 21e5aa81dac683231abc1691f7e7bea2267641f66cd1bf01c16a6021ec43da36

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_6.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-1cef3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame F194
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

100ms
98ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_12.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9a4c022c5f2a0fc240663b2efdd781fc353671f35ab5a7f351b5b27a2129003

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YQmYIr7iY892oK9shdmiDAAA; CMPS=1181
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|241|39|65|57|90|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1786
Expires: Tue, 03 Aug 2021 19:25:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:22 GMT
Connection: keep-alive
Set-Cookie: CMID=YQmYIr7iY892oK9shdmiDAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 19:25:22 GMT CMPS=1181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 19:25:22 GMT CMPRO=1126;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 19:25:22 GMT CMRUM3=2d6109982205a0&396109982205a0&5a6109982205a0&416109982205a0&e6610998222760&1f6109982205a00&f16109982205a0&27610998220b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 19:25:22 GMT CMST=YQmYImEJmCIA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 04 Aug 2021 19:25:22 GMT

Redirect headers

Server: Apache
Content-Length: 345
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 03 Aug 2021 19:25:22 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:22 GMT
Connection: keep-alive
Set-Cookie: CMID=YQmYIr7iY892oK9shdmiDAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 19:25:22 GMT CMPS=1181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 19:25:22 GMT

GET
H/1.1 200
OK index_17.html Show response
newerafin.site/lander/white5_1627283170/ Frame 0431 383 B
647 B 90ms
54ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_17.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_12.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

d425d7b0f4a017086696d307572cd8e0a3b8e89797a52d4b638d53fcefebbfea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/lander/white5_1627283170/index_12.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/lander/white5_1627283170/index_12.html

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Type: text/html
Content-Length: 383
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Connection: keep-alive
ETag: "60fe5f45-17f"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

GET
H/1.1 200
OK www-embed-player.js Show response
newerafin.site/lander/white5_1627283170/ Frame 4117 193 KB
67 KB 161ms
75ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/www-embed-player.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: a44483abbb911ba55cdcabe911145050e43890d19143c37d5cb8e89cb639b89d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-30274"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK base.js Show response
newerafin.site/lander/white5_1627283170/ Frame 4117 2 MB
553 KB 168ms
74ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/base.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 8bc3474528c5517ecc37fd9cb4815378241ceb406d771685694902a71e06a2ae

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-1b3644"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK fetch-polyfill.js Show response
newerafin.site/lander/white5_1627283170/ Frame 4117 8 KB
3 KB 230ms
129ms Script
application/javascript 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/fetch-polyfill.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-215f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK bounce.html Show response
newerafin.site/lander/white5_1627283170/ Frame 4EC0 0
260 B 249ms
57ms Script
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/bounce.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_13.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_13.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_13.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-0"
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 4EC0
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

51ms
51ms

Script
text/html

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_13.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:21 GMT
X-Proxy-Origin: 37.120.156.140; 37.120.156.140; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f4e84dcb-284a-4dbd-9b59-d4201d79f84a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:21 GMT
X-Proxy-Origin: 37.120.156.140; 37.120.156.140; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 18b43e97-9c27-40a9-812f-1b1434dfd753
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js.html Show response
newerafin.site/lander/white5_1627283170/ Frame DA65 31 KB
9 KB 211ms
110ms Script
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/usync.js.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_8.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

36c901e4e2fc476aa2b22cef591ef21df59ef07b3503702dc50a8e42a06a3ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://newerafin.site/lander/white5_1627283170/index_8.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: W/"60fe5f45-7cb3"
Transfer-Encoding: chunked
Content-Type: text/html
Connection: keep-alive

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8ED6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=newerafin.site&sn=ChromeSyncframe&so=0&topUrl=newerafin.site&cw=1
https://mug.criteo.com/sid?cpp=3qV4Tnx1SVBXOFlubHdSTmNkQVdUbEJEQTlBMUp2MHpEVTJLbTVkUG40REE0YVFJdmNpTXZzVU1HeHpldEpoN2w0MWVCa1JhNHlDWnp5MWE3cGRpbVVuK245QlRIWFp6M2hEUXcreEtrYVhsVEpsaXZ0MGw4MElnb2dGL1...

436 B
623 B

194ms
62ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3qV4Tnx1SVBXOFlubHdSTmNkQVdUbEJEQTlBMUp2MHpEVTJLbTVkUG40REE0YVFJdmNpTXZzVU1HeHpldEpoN2w0MWVCa1JhNHlDWnp5MWE3cGRpbVVuK245QlRIWFp6M2hEUXcreEtrYVhsVEpsaXZ0MGw4MElnb2dGL1VxSnV4Z3ZLMUt1ZDRRbmNIeStYTmMzWVEzRDBZMHlZNjg0NUp4NUIrdlhCbXRML0RDYmJvdm04QllyZEd0eXZ1SThGQXV6cmZWQm5idnBiSUpjZWxFYWNIK2tPZklJd05mTjgwOEF3WHlLRmRKSmRtZUIyWnBacVg3S2xnVm81aVNYRkhsR1hXUmpMbjRZL2pnSk53LzAwdnBCMnlRZz09fA&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=newerafin.site

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

76cbe2f9efced92669c43034af6308087179906bec76fb12a72e49304feb2107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 03 Aug 2021 19:25:21 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2089
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 03 Aug 2021 19:25:20 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=3qV4Tnx1SVBXOFlubHdSTmNkQVdUbEJEQTlBMUp2MHpEVTJLbTVkUG40REE0YVFJdmNpTXZzVU1HeHpldEpoN2w0MWVCa1JhNHlDWnp5MWE3cGRpbVVuK245QlRIWFp6M2hEUXcreEtrYVhsVEpsaXZ0MGw4MElnb2dGL1VxSnV4Z3ZLMUt1ZDRRbmNIeStYTmMzWVEzRDBZMHlZNjg0NUp4NUIrdlhCbXRML0RDYmJvdm04QllyZEd0eXZ1SThGQXV6cmZWQm5idnBiSUpjZWxFYWNIK2tPZklJd05mTjgwOEF3WHlLRmRKSmRtZUIyWnBacVg3S2xnVm81aVNYRkhsR1hXUmpMbjRZL2pnSk53LzAwdnBCMnlRZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1503
content-length: 541
expires: 0

GET
H/1.1 200
OK index_15.html Show response
newerafin.site/lander/white5_1627283170/ Frame 08E3 306 B
570 B 83ms
56ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_15.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

be2e173c7120f452f20897f1c31b44ffa99f009e945bdc1a51acdb632d5566d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Type: text/html
Content-Length: 306
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Connection: keep-alive
ETag: "60fe5f45-132"
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame F32A 18 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 08:43:35 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/ Frame F32A 6 KB
3 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 05:31:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Aug 2021 05:31:08 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F32A 0
592 B 187ms
85ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJVbCXIlMVQV9h7LcivcqIwU8fjVP7TkxVrcridR9EnUysrgrC-WHPIld-GZu9NRbW4UZ3udSuo5oe6D7t6SGFA0269p6sRyAh-uRyA5X7NhcCCCOXkeC4N7Xg9SA0T4Kzmq7ziN3bMrAGZk7-VfM8q9i8bdzZcMHEiaD2lH0mL-qucfIXUmHn5_lWOjC7I9qkKXWlc4Sj6BmAS95ut_cyfoWecdEvFMtPqH6zefH7AF-hy6vbDVNpp01ajLt2EOmZfSutuq9JdIagCIhcfBFDdMfDPEk0WEAZcsoWW51t6b5dgXoNKxn2fe4eKP8UDLeoGXThBYpy6ReeMQZT72rkytoC7hejg-JAlY0lUjXz2LroXgBVbX377qA_hHGC-2luAZLe4-0FT6mHHViEZjaCHwq9PajrEVTu5-xK85Bw-Gq_bX-BAtkH6ffcXst-FDGWsW04IEy2qvegSnbXTZUZGmDLJ39Wz3ZSVWxjL6J7AtivSa_AblaUxo3BGeZpqV9KToaIT-8_0alpP6bkfAvbWdDKEXbEvH-xeiDt-2PxHbRRKzrskpS3GDJQkj1WxgbXTw2sMPvyJkJ1bVhmTGNs30q7XIqEHmY3Ac4lGJdcW2SJSIi1Ag851b3mo7Y0EjftzkEGIUohGnwjvSM0CAxwCX4ANsMicmsFjh1MHbQ5QRyHI6WV-KR4L95cPU8N1qRO68Qel_HOjXRsg6vNLMtmNMvKkK1bVjLiWC9v8AqlMbw97AUanH-hxcXVg8J4o_e7BzQkeFjoHVm77xg7MyzTm83Mmhschf8QRCHu7VQpLPuSIg_tyt9s8E7oXN8dBZ9TcstpQrYoMNK2NcxNLDb7odspTY4RSPcdAFUEyvlT_DcDJ7Tmzc-lV0vr7L0ttTNAoDQn-nJ-1ouVH6dG6mxSKIJOTJI54c5rAVK3JjKcM2QclMDErGv60mGvgs9QgQU9rPTb247JXhvDwz3LNrS1Da_IvHPrmuzG-lYm0FNie-xOP7R-sEjPSxpjeYKhCS180vS9BonVvgvhE8cyD41Jn5FWsUYYQZJMslgX9zYBRaKPsHdCNBflkYJ547smvMVcimlDVGISfQNN38l1w0bFN806XkCY8J5_vmyn2M3zfTuVZ8i3w6a0&sai=AMfl-YSfPpjL8GnbP4aT6vPwqYCAmVYm3Q6yOrc9kRFmYsX3vN8iT1TOjz-mkQukC5ZfjZx-EmX2lnFsi5CvoJEgh6K5Zn_nBNYKpqaz2U3cmETmJksn3aABEIyndVND1xIghDjvS07ygUWiP7cK4oF2QnB9UqCsFCbrpxZSEleJjQX7uJ21BdP5h3fqyDyb0t-DggJ-tRoS2hNbwMREYPU_32_7Wom_fGN-eYpeBehsel2-Xzf4-5TqRv5GWiYuGO-jt0KLnLMVA2-uBCRbtJxpObsYIY1wdfZyNwCcKxOaXEH57ExdxgvUJI8YAn5hCkmjMdskRBtjkyzJ8CDBg6ujAIAW54z0luBRUyFWCv0OcWN5MXMPnX0BXQ7P6DHrbrIjvxDo9HlT&sig=Cg0ArKJSzNKLdmfarX6cEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210720.82554&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 03 Aug 2021 19:25:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F32A 41 KB
15 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 06:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 06:32:02 GMT

GET
H2 200 3903259572706743127
s0.2mdn.net/simgad/ Frame F32A 131 KB
131 KB 158ms
120ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3903259572706743127

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db57910557cd7701310fbc58b1dc943b4d1df44610b6e3c5a22d51d44bb169e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133960
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 16:37:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 19:25:21 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/613657585/ 42 B
64 B 40ms
25ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/613657585/?random=1628018721201&cv=9&fst=1628017200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7l1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&tiba=How%20to%20Buy%20on%20eBay&async=1&fmt=3&is_vtc=1&random=3078371344&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/613657585/ 42 B
108 B 21ms
16ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/613657585/?random=1628018721201&cv=9&fst=1628017200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7l1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&tiba=How%20to%20Buy%20on%20eBay&async=1&fmt=3&is_vtc=1&random=3078371344&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/613657585/ 2 KB
1 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/613657585/?random=1628018721334&cv=9&fst=1628018721334&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7l1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&tiba=How%20to%20Buy%20on%20eBay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccca522b7af15fd5e1b010810a262c7ae84c6151735bf8b371af5b6501357004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1033
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
187 B 61ms
60ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://newerafin.site
date: Tue, 03 Aug 2021 19:25:20 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 28EC 22 KB
8 KB 17ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newerafin.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 02 Aug 2021 06:32:03 GMT
expires: Tue, 02 Aug 2022 06:32:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 132798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK fa68486420556363c76a9f284102697ac64ef39e.png
newerafin.site/lander/white5_1627283170/ Frame F07F 212 B
545 B 123ms
53ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/fa68486420556363c76a9f284102697ac64ef39e.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 1e104986e2ec04cc2d6a15cbb4fb509c88279d9ea7256bed6ad4569705ef86bd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/index_1.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-d4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 212
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK 55a410d045019aa3fad8459ac3f00f20105ecce0.png
newerafin.site/lander/white5_1627283170/ Frame 696D 212 B
545 B 114ms
57ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/55a410d045019aa3fad8459ac3f00f20105ecce0.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 79f138d690a4ce6221dde6254a1db0691e1029f9dddefff8ce30f9dae2862cf3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/index_2.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-d4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 212
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=newerafin.site

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=newerafin.site

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
7 KB 214ms
214ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3532671883855933&correlator=2680945003562301&output=ldjh&impl=fifs&eid=31061422%2C31062031%2C31061424%2C44741898%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210803&iu_parts=8095840%2C.2_A.37543.7_dealnews.com_tier1%2C.2_A.37541.4_dealnews.com_tier1%2C.2_A.37539.7_dealnews.com_tier1%2C.2_A.37540.4_dealnews.com_tier1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%7C300x340%7C120x600%7C160x600%7C300x600%2C300x600%7C300x250%7C300x400%7C160x600%2C300x600%7C300x250%7C300x400%7C160x600%2C300x250%7C300x340%7C120x600%7C160x600%7C300x600&prev_scp=position%3Dtop%26amznbid%3D2%26amznp%3D2%7Cposition%3Dmiddle%26amznbid%3D2%26amznp%3D2%7Cposition%3Dpersistent%26amznbid%3D2%26amznp%3D2%7Cposition%3Dbottom%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=New_User%3DTrue%26pubcid%3Dcb67eaa5-2fb9-4a87-bd95-5b9bbd488431&cookie_enabled=1&bc=31&abxe=1&lmt=1628018719&dt=1628018721469&dlt=1628018719671&idt=1362&frm=20&biw=1600&bih=1200&oid=3&adxs=1116%2C1116%2C1116%2C1229&adys=137%2C2477%2C3322%2C7758&adks=635638088%2C1137246027%2C3681443303%2C2830761948&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&vis=1&dmc=8&scr_x=0&scr_y=0&psz=314x646%7C314x296%7C314x646%7C300x266&msz=314x646%7C314x296%7C314x646%7C300x266&ga_vid=306934076.1628018721&ga_sid=1628018721&ga_hid=308077231&ga_fc=false&fws=0%2C0%2C512%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C1%7C2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ca4fff3b81a1dd54550cd75331dfc40df22eed7974879fbedbcefc56f512578b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6766
x-xss-protection: 0
google-lineitem-id: 5399574871,5398545034,5397729292,5397164760
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314519055,138314356358,138314225625,138314238161
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newerafin.site
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a319c56c9330b8a3477a6f71d9448438.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C89 6 KB
3 KB 64ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a319c56c9330b8a3477a6f71d9448438.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a319c56c9330b8a3477a6f71d9448438.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newerafin.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 03 Aug 2021 19:25:21 GMT
expires: Wed, 03 Aug 2022 19:25:21 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 0
bat.bing.com/action/ 0
94 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=36002962&Ver=2&mid=a9393e84-d235-4b3b-b2e1-efb57417febf&sid=8b262030f49011eb96e7ebce68debd63&vid=8b264fa0f49011eba0aa1551958ef9ab&vids=0&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=How%20to%20Buy%20on%20eBay&kw=How,to,Buy,on,eBay&p=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&r=&lt=2153&evt=pageLoad&msclkid=N&sv=1&rn=227668
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 03 Aug 2021 19:25:20 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 4BFC225C7B2F4CFFAB3440315BED7987 Ref B: FRAEDGE1518 Ref C: 2021-08-03T19:25:21Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F774 232 B
219 B 396ms
299ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=6fc02d438f24b1b3b8320ac0fed818a0da2d2482

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_18.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:25:21 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://newerafin.site
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 0fc2fbd96d24389ea40f6726d75db933ce37c0012e6d0a5fd3b0f4a0c5a19250
content-length: 166

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 56E1 232 B
431 B 220ms
152ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=67edcd0182b804e034c9db95414431595dc27f57

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fnewerafin.site

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 19:25:21 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 0fc2fbd96d24389ea40f6726d75db933ce37c0012e6d0a5fd3b0f4a0c5a19250
content-length: 166

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F07F 0
0 89ms
86ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzUdaHuOYbnk4v8_0DaWEjbGVUwDFGYaRY2PH9HFjR34_GSeB6EFNkSTx6OPxxXIdr5jeH6dv4nfQ8RfaoT7YDDB7NJ1NV4WFod-kziu-b_g5Gh1B97jRJHHJFkNDPxu6Xc8aoReCw6QIzrkdP6mIPbIq61zJwndmAfKSSmNuKyXvpXJe4pfydZUIwEBui71z80TsGzPt-10CTavk79vH1Z0oEOFy5X1-Vv2fa2NDwT4UAH6oNKGfAgeq39IhjaUDIJElAagS564IP2TMh9LGy9N97CIbl_XaTxj5Zj9csJ5n6OqM5njPX9ufovu7Vi7FJMthesf_QTD-PPg&sai=AMfl-YRREHHKqOGgUyasTyL2GroNI35-TRRRWZdb7k2mvfJBG6ZkwnZy-DUELMgxETgNr3twAguEmaOT9meoPWyAdXEBOyixMV4YO-tFpwX5w0OOGuG_mctjnEckAZKZnvbP&sig=Cg0ArKJSzKDhxmOVI1nuEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/rx_lidar.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 696D 0
0 79ms
78ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCjsSG6OdULPGN0JYwHc9gqNy90zIqEsBJc91d9XYdvw2jb_yFYdJJC0dQ3h4FU-EFz5VUHjmtxRx-p8CQ9In5XmfyJVcBtyxt_42JqI77NTW4ZWLWMt04RvdumzSmhX_W84iOpCf6KjtN8s0iKuvAuE-JHEW-0lh1VnhZjIzIA9pJ9xXmVOQNJsciE7E7VkCTveLrr-taZaebb13BDpmDOth_oUakZThWmdA8oPWY10czumaPze04e9yBArIRxtSo6QSGPt62CDYK6xW_Dd57pDR5nRpcJyNsrj7g4kwCT6VW7Kyw6-gfsHbJhm21Kd3IKVH1I85qdmkRUg&sai=AMfl-YTjvpti5w5x6ooVwiLS9R-v0Rxnz_Tkty-b_Xdxl7lzqk0sxXh8FYi-lyGHYYBMTG7Rs2uPjizDp0UdZZIbp6pELjkUoxGD1fIcK9cLzdBlxbRNe-CpnGW1SwbrCQ3O&sig=Cg0ArKJSzPqXMZ064_noEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/rx_lidar.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu5mxKOzY.woff2
newerafin.site/lander/white5_1627283170/ Frame 4117 10 KB
10 KB 63ms
62ms Font
font/woff2 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab; cto_bidid=N12til83SmRXZ2cxNVY5ajYlMkJjZjhFOUFQdFlmZDhKY2QlMkJOZWNIJTJGQ21MbnBtdDdVMjN4Y3kxdUxaRmVGVGZ5aGRCa2dmZjhENTZ1JTJCaCUyRjIyMGcyeHN0czdNN1NzJTJCNkJ4Q1lDeFNlaEtkdk81OUVXeVhsaUhBWDBwcyUyQmclMkZoaGxsR1pqWEE; cto_bundle=z5Xa7l95Z3hvc1JmSlQlMkJaazZDMjM5U2l2Vm4yNmNoOUVIcjZXQXpuJTJGOUdKd1BmVCUyRkt0UVRSNVFEMGhERVBPVGsyZXBPTW9GdmdYenVNRjd5RElFRiUyRlBMeXNMWTBNOUI1UERaUDd3UmJQbXFjUzV6WjA4RW56SU1ocWJCREYxOUlwenNMbzclMkYwbHVEdDRMVDJtbGs2dCUyQkV0WWclM0QlM0Q
Connection: keep-alive
Origin: https://newerafin.site
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-2668"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9832
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK 372af269dbcaf008978fd1b59102d513a98a5464.png
newerafin.site/lander/white5_1627283170/ Frame 8AAE 213 B
546 B 61ms
58ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/372af269dbcaf008978fd1b59102d513a98a5464.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_3.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 3935860b5204c7f9f4b3e73190758246f27318e3b15ca1ca90d3be42fba49347

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/index_3.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab; cto_bidid=N12til83SmRXZ2cxNVY5ajYlMkJjZjhFOUFQdFlmZDhKY2QlMkJOZWNIJTJGQ21MbnBtdDdVMjN4Y3kxdUxaRmVGVGZ5aGRCa2dmZjhENTZ1JTJCaCUyRjIyMGcyeHN0czdNN1NzJTJCNkJ4Q1lDeFNlaEtkdk81OUVXeVhsaUhBWDBwcyUyQmclMkZoaGxsR1pqWEE; cto_bundle=z5Xa7l95Z3hvc1JmSlQlMkJaazZDMjM5U2l2Vm4yNmNoOUVIcjZXQXpuJTJGOUdKd1BmVCUyRkt0UVRSNVFEMGhERVBPVGsyZXBPTW9GdmdYenVNRjd5RElFRiUyRlBMeXNMWTBNOUI1UERaUDd3UmJQbXFjUzV6WjA4RW56SU1ocWJCREYxOUlwenNMbzclMkYwbHVEdDRMVDJtbGs2dCUyQkV0WWclM0QlM0Q
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-d5"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 213
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F32A 0
20 B 49ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=1&e=1

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/613657585/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/613657585/?random=1628018721334&cv=9&fst=1628017200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7l1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&tiba=How%20to%20Buy%20on%20eBay&async=1&fmt=3&is_vtc=1&random=2565350928&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/613657585/ 42 B
64 B 28ms
25ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/613657585/?random=1628018721334&cv=9&fst=1628017200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7l1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fnewerafin.site%2FLMD1Nns6&tiba=How%20to%20Buy%20on%20eBay&async=1&fmt=3&is_vtc=1&random=2565350928&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index_14.html Show response
newerafin.site/lander/white5_1627283170/ Frame B039 23 KB
9 KB 61ms
61ms Document
text/html 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newerafin.site/lander/white5_1627283170/index_14.html

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

5a3932adfe9f249c83c4f61d2ec2fc5a747c0f0d728fa0724f01f8f48739e28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: newerafin.site
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab; cto_bidid=N12til83SmRXZ2cxNVY5ajYlMkJjZjhFOUFQdFlmZDhKY2QlMkJOZWNIJTJGQ21MbnBtdDdVMjN4Y3kxdUxaRmVGVGZ5aGRCa2dmZjhENTZ1JTJCaCUyRjIyMGcyeHN0czdNN1NzJTJCNkJ4Q1lDeFNlaEtkdk81OUVXeVhsaUhBWDBwcyUyQmclMkZoaGxsR1pqWEE; cto_bundle=z5Xa7l95Z3hvc1JmSlQlMkJaazZDMjM5U2l2Vm4yNmNoOUVIcjZXQXpuJTJGOUdKd1BmVCUyRkt0UVRSNVFEMGhERVBPVGsyZXBPTW9GdmdYenVNRjd5RElFRiUyRlBMeXNMWTBNOUI1UERaUDd3UmJQbXFjUzV6WjA4RW56SU1ocWJCREYxOUlwenNMbzclMkYwbHVEdDRMVDJtbGs2dCUyQkV0WWclM0QlM0Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html

Response headers

Server: nginx
Date: Tue, 03 Aug 2021 19:25:21 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"60fe5f45-5a0a"
X-Content-Type-Options: nosniff
Content-Encoding: gzip

GET
H/1.1 200
OK 3338bf19fab2e1794c706d10862121964877687a.png
newerafin.site/lander/white5_1627283170/ Frame F32A 215 B
548 B 54ms
53ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/3338bf19fab2e1794c706d10862121964877687a.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: eb5656bda64374e6e58e7e6be2578580fe8b0e50c474762566948a520c0df637

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab; cto_bidid=N12til83SmRXZ2cxNVY5ajYlMkJjZjhFOUFQdFlmZDhKY2QlMkJOZWNIJTJGQ21MbnBtdDdVMjN4Y3kxdUxaRmVGVGZ5aGRCa2dmZjhENTZ1JTJCaCUyRjIyMGcyeHN0czdNN1NzJTJCNkJ4Q1lDeFNlaEtkdk81OUVXeVhsaUhBWDBwcyUyQmclMkZoaGxsR1pqWEE; cto_bundle=z5Xa7l95Z3hvc1JmSlQlMkJaazZDMjM5U2l2Vm4yNmNoOUVIcjZXQXpuJTJGOUdKd1BmVCUyRkt0UVRSNVFEMGhERVBPVGsyZXBPTW9GdmdYenVNRjd5RElFRiUyRlBMeXNMWTBNOUI1UERaUDd3UmJQbXFjUzV6WjA4RW56SU1ocWJCREYxOUlwenNMbzclMkYwbHVEdDRMVDJtbGs2dCUyQkV0WWclM0QlM0Q
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-d7"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 215
Expires: Fri, 13 Aug 2021 19:25:21 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame F32A 0
23 B 129ms
80ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_9.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK htw-pixel.gif
newerafin.site/lander/white5_1627283170/ Frame 0431 43 B
375 B 55ms
53ms Image
image/gif 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/htw-pixel.gif
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_17.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/index_17.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab; cto_bidid=N12til83SmRXZ2cxNVY5ajYlMkJjZjhFOUFQdFlmZDhKY2QlMkJOZWNIJTJGQ21MbnBtdDdVMjN4Y3kxdUxaRmVGVGZ5aGRCa2dmZjhENTZ1JTJCaCUyRjIyMGcyeHN0czdNN1NzJTJCNkJ4Q1lDeFNlaEtkdk81OUVXeVhsaUhBWDBwcyUyQmclMkZoaGxsR1pqWEE; cto_bundle=z5Xa7l95Z3hvc1JmSlQlMkJaazZDMjM5U2l2Vm4yNmNoOUVIcjZXQXpuJTJGOUdKd1BmVCUyRkt0UVRSNVFEMGhERVBPVGsyZXBPTW9GdmdYenVNRjd5RElFRiUyRlBMeXNMWTBNOUI1UERaUDd3UmJQbXFjUzV6WjA4RW56SU1ocWJCREYxOUlwenNMbzclMkYwbHVEdDRMVDJtbGs2dCUyQkV0WWclM0QlM0Q
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_17.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-2b"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK 09e21e0c407686fada8f091959db2a2afe67b008.png
newerafin.site/lander/white5_1627283170/ Frame 4117 175 B
508 B 59ms
58ms Image
image/png 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/09e21e0c407686fada8f091959db2a2afe67b008.png
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/www-player-webp.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/www-player-webp.css
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab; cto_bidid=N12til83SmRXZ2cxNVY5ajYlMkJjZjhFOUFQdFlmZDhKY2QlMkJOZWNIJTJGQ21MbnBtdDdVMjN4Y3kxdUxaRmVGVGZ5aGRCa2dmZjhENTZ1JTJCaCUyRjIyMGcyeHN0czdNN1NzJTJCNkJ4Q1lDeFNlaEtkdk81OUVXeVhsaUhBWDBwcyUyQmclMkZoaGxsR1pqWEE; cto_bundle=z5Xa7l95Z3hvc1JmSlQlMkJaazZDMjM5U2l2Vm4yNmNoOUVIcjZXQXpuJTJGOUdKd1BmVCUyRkt0UVRSNVFEMGhERVBPVGsyZXBPTW9GdmdYenVNRjd5RElFRiUyRlBMeXNMWTBNOUI1UERaUDd3UmJQbXFjUzV6WjA4RW56SU1ocWJCREYxOUlwenNMbzclMkYwbHVEdDRMVDJtbGs2dCUyQkV0WWclM0QlM0Q; __gads=ID=c4c1b87c20413d8e:T=1628018721:S=ALNI_MZ8--quKmvcYewbXDk3gnrZhnbN_g
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/www-player-webp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-af"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK unnamed.jpg
newerafin.site/lander/white5_1627283170/ Frame 4117 3 KB
3 KB 55ms
54ms Image
image/jpeg 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/unnamed.jpg
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: b1fc581c9031430c68eb5903d206b8162b6ee3f2dae97be6791b63f193382c14

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab; cto_bidid=N12til83SmRXZ2cxNVY5ajYlMkJjZjhFOUFQdFlmZDhKY2QlMkJOZWNIJTJGQ21MbnBtdDdVMjN4Y3kxdUxaRmVGVGZ5aGRCa2dmZjhENTZ1JTJCaCUyRjIyMGcyeHN0czdNN1NzJTJCNkJ4Q1lDeFNlaEtkdk81OUVXeVhsaUhBWDBwcyUyQmclMkZoaGxsR1pqWEE; cto_bundle=z5Xa7l95Z3hvc1JmSlQlMkJaazZDMjM5U2l2Vm4yNmNoOUVIcjZXQXpuJTJGOUdKd1BmVCUyRkt0UVRSNVFEMGhERVBPVGsyZXBPTW9GdmdYenVNRjd5RElFRiUyRlBMeXNMWTBNOUI1UERaUDd3UmJQbXFjUzV6WjA4RW56SU1ocWJCREYxOUlwenNMbzclMkYwbHVEdDRMVDJtbGs2dCUyQkV0WWclM0QlM0Q; __gads=ID=c4c1b87c20413d8e:T=1628018721:S=ALNI_MZ8--quKmvcYewbXDk3gnrZhnbN_g
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-be3"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3043
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK default.webp
newerafin.site/lander/white5_1627283170/ Frame 4117 3 KB
3 KB 58ms
58ms Image
image/webp 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newerafin.site/lander/white5_1627283170/default.webp

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),

Reverse DNS

Software

nginx /

Resource Hash

92f286deee64fb14b7b47d7755c2c5bfe4d99e7e3bcea1b813ccb6f850cdca56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab; cto_bidid=N12til83SmRXZ2cxNVY5ajYlMkJjZjhFOUFQdFlmZDhKY2QlMkJOZWNIJTJGQ21MbnBtdDdVMjN4Y3kxdUxaRmVGVGZ5aGRCa2dmZjhENTZ1JTJCaCUyRjIyMGcyeHN0czdNN1NzJTJCNkJ4Q1lDeFNlaEtkdk81OUVXeVhsaUhBWDBwcyUyQmclMkZoaGxsR1pqWEE; cto_bundle=z5Xa7l95Z3hvc1JmSlQlMkJaazZDMjM5U2l2Vm4yNmNoOUVIcjZXQXpuJTJGOUdKd1BmVCUyRkt0UVRSNVFEMGhERVBPVGsyZXBPTW9GdmdYenVNRjd5RElFRiUyRlBMeXNMWTBNOUI1UERaUDd3UmJQbXFjUzV6WjA4RW56SU1ocWJCREYxOUlwenNMbzclMkYwbHVEdDRMVDJtbGs2dCUyQkV0WWclM0QlM0Q; __gads=ID=c4c1b87c20413d8e:T=1628018721:S=ALNI_MZ8--quKmvcYewbXDk3gnrZhnbN_g
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-ac4"
Content-Type: image/webp
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2756

GET
H/1.1 200
OK 0c27bb77a8681534b72a47c96e5c0d6b90bc3e90.svg
newerafin.site/lander/white5_1627283170/ Frame 4117 327 B
665 B 57ms
57ms Image
image/svg+xml 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newerafin.site/lander/white5_1627283170/0c27bb77a8681534b72a47c96e5c0d6b90bc3e90.svg
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/www-player-webp.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: c05b74a7e5c603e06b47126f184675dc2cf3283c8e1a1d1dc97d2dd49fd59620

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://newerafin.site/lander/white5_1627283170/www-player-webp.css
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab; cto_bidid=N12til83SmRXZ2cxNVY5ajYlMkJjZjhFOUFQdFlmZDhKY2QlMkJOZWNIJTJGQ21MbnBtdDdVMjN4Y3kxdUxaRmVGVGZ5aGRCa2dmZjhENTZ1JTJCaCUyRjIyMGcyeHN0czdNN1NzJTJCNkJ4Q1lDeFNlaEtkdk81OUVXeVhsaUhBWDBwcyUyQmclMkZoaGxsR1pqWEE; cto_bundle=z5Xa7l95Z3hvc1JmSlQlMkJaazZDMjM5U2l2Vm4yNmNoOUVIcjZXQXpuJTJGOUdKd1BmVCUyRkt0UVRSNVFEMGhERVBPVGsyZXBPTW9GdmdYenVNRjd5RElFRiUyRlBMeXNMWTBNOUI1UERaUDd3UmJQbXFjUzV6WjA4RW56SU1ocWJCREYxOUlwenNMbzclMkYwbHVEdDRMVDJtbGs2dCUyQkV0WWclM0QlM0Q; __gads=ID=c4c1b87c20413d8e:T=1628018721:S=ALNI_MZ8--quKmvcYewbXDk3gnrZhnbN_g
Connection: keep-alive
Referer: https://newerafin.site/lander/white5_1627283170/www-player-webp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-147"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 327
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxK.woff2
newerafin.site/lander/white5_1627283170/ Frame 4117 15 KB
15 KB 59ms
58ms Font
font/woff2 179.43.160.52
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://newerafin.site/lander/white5_1627283170/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/index_16.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 179.43.160.52 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://newerafin.site
Accept-Encoding: gzip, deflate, br
Host: newerafin.site
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
Cookie: _subid=1dq3f8j1237; 710aa=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2MzRcIjoxNjI4MDE4NzE5fSxcImNhbXBhaWduc1wiOntcIjYxXCI6MTYyODAxODcxOX0sXCJ0aW1lXCI6MTYyODAxODcxOX0ifQ.AQM7083MgpZIxAZZYzn2foQAlBBjLPMx_FtzZ6jcMFg; _ga=GA1.2.306934076.1628018721; _gid=GA1.2.1474232014.1628018721; _gat=1; _msuuid_589xd066238=A96B704C-C778-4352-B559-97735251F17F; _gcl_au=1.1.1194433851.1628018721; _pbjs_userid_consent_data=3524755945110770; _pubcid=cb67eaa5-2fb9-4a87-bd95-5b9bbd488431; _uetsid=8b262030f49011eb96e7ebce68debd63; _uetvid=8b264fa0f49011eba0aa1551958ef9ab; cto_bidid=N12til83SmRXZ2cxNVY5ajYlMkJjZjhFOUFQdFlmZDhKY2QlMkJOZWNIJTJGQ21MbnBtdDdVMjN4Y3kxdUxaRmVGVGZ5aGRCa2dmZjhENTZ1JTJCaCUyRjIyMGcyeHN0czdNN1NzJTJCNkJ4Q1lDeFNlaEtkdk81OUVXeVhsaUhBWDBwcyUyQmclMkZoaGxsR1pqWEE; cto_bundle=z5Xa7l95Z3hvc1JmSlQlMkJaazZDMjM5U2l2Vm4yNmNoOUVIcjZXQXpuJTJGOUdKd1BmVCUyRkt0UVRSNVFEMGhERVBPVGsyZXBPTW9GdmdYenVNRjd5RElFRiUyRlBMeXNMWTBNOUI1UERaUDd3UmJQbXFjUzV6WjA4RW56SU1ocWJCREYxOUlwenNMbzclMkYwbHVEdDRMVDJtbGs2dCUyQkV0WWclM0QlM0Q; __gads=ID=c4c1b87c20413d8e:T=1628018721:S=ALNI_MZ8--quKmvcYewbXDk3gnrZhnbN_g
Connection: keep-alive
Origin: https://newerafin.site
Referer: https://newerafin.site/lander/white5_1627283170/index_16.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:21 GMT
Last-Modified: Mon, 26 Jul 2021 07:07:49 GMT
Server: nginx
ETag: "60fe5f45-3bf0"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15344
Expires: Fri, 13 Aug 2021 19:25:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7F34 0
0 77ms
76ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQrIQbM6V6A2fGXkYSaSrDuyaRNggmLS0ScxPqlc-GWS3t9UvAncp3NmQqWeoPsuYOW3DxSUDq1Q2RyVcj_-h7hptZ-M-za1X4h_1m_YRZ1mPlLion6qRhuYE9breDfLzkVIA35r9YNNj98OW4ASGlEU_s0CYY1z_rxmwheJGr0368Lce4BuVm5tQ546TQgdIBdZYgczKbfuJWDT4x-0PpPQS1IvzQ3QOnoZim0vaaGJ7dzV9bddHaWBvfIOceSBXOlRERribX4M7Xmg8yKWsPVZrTm7v9-RhUL9XpBNzC1SrfDO6Pe5slqQlImE1VWv7qxCm7O3HuVO0&sig=Cg0ArKJSzMCgnSwwG3f6EAE&urlfix=1&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F34 124 KB
37 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CEC8 0
0 78ms
77ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIDvqSL3F3pk5KnLEFa9mIBFfRNgPai6TvDrtvi-Rxi3UG1hvkapa9y634Doki5e30iD7XzmD9GRRYUoWgS4XFcdz-bCRXHx9diX0PLVAmbHNDNVM3TUI1ypEDArpbJowuLbfvOwNQ-4Fy-WEQ3VC9m8Gm-FvIogCeH2IzHxguJgo9KN_rXo0p6-R5P3C_ms9-a5IuJt3ju7KPL3XuPOxG6RU1mFHAlJ-7trCK_9O_k8r5_q5hEUarkSk5mUesyz63OEsvQ-aHw6Ix44-UerMF04yt4XzsXD8KAIy4aK5KH-aCO7refqPyId-WbH9bPbkMOge9bD62sdU&sig=Cg0ArKJSzHn3LGwYq887EAE&urlfix=1&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEC8 124 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2288 0
0 78ms
77ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoTFSFmnVblFBbpX1MXqr5eOQEbJOEvwWnwpR_0diHmgMyaT4e0cZDLwWwwpQx5PRZ2j1Sa5gH0_8J1TFuDL55lkmSux9UU3hK0nLI4ufxchmGnzcqOC1r-vP-hcfzoHclrOh-foUxYz7YNtR722LetVk3mTYXPlJigKWsPMK66nBZlFROwI1d2YC5GDIuRZHtF2Ct8O4--sBwICGO726kb-ZTL_LOLRXqK2KNp7hditlmH778qbyFbwLo3n_zy8oC4zXjTja_z6Yg9jJHIHxsDXa9kw9u79wQEpf-CcAYH0F4L-PtqYSne7kZGf_AKk5cIO4iZQvmTXI&sig=Cg0ArKJSzPVKrH-CwyWLEAE&urlfix=1&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2288 124 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6517 0
0 78ms
77ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEbbNh0yUzUnuoGbxTOOp4fOULTTBZdiqZm2AipEvrKGZov-bJklc94Bu7PhFBwkXeaJG_qxtOQNwbKma9H1fC1_ExrrHv3FwqJYGGSnkdU9d8eUmucc3CPeEHcXFJ3q7TJqEoXpQbSvxFsiHj7s9vwAgkGL8dGwPVk3Y_ScbjePws8Y7ofnpy5f4Jvy7E8V-xfcRcd2YKtxJSXrxgGMMZAlTE-hwYJKLkufQPQsSggq8FTqG8MVsQLK-JfVdx0ZsO0Owq4rJbt7BbPnMnaKjBkYAE53ErBmu8bsXFn5fcIU5C91094wuaXRZ2qKDTmIucL-ER_gvzaos&sig=Cg0ArKJSzL2rNceQbgTREAE&urlfix=1&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6517 124 KB
37 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903459924584"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627903448373927"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AAE 0
0 76ms
76ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdtBIbjmDt8ScNC5gn0SFnoDni6Ml0XufnWFLd-h1ykXlNJhncewMoGZYcUivFbLG7mG5U4i6BMyoDQXJnew1GzVkYUuWDa0tQNhafWHtmbFU9hKS__AkgYwXOjZUF0ymXKPwgWbPXNJtn5oFtcB1w2o8TrKWAhMzMrRrarqufVjUrZAvUbX3HVyVRxUNru0xYT3GeXF7mnIuanOPtJlvsjVnqf6J_bGxHTWT-OkT2WSZC9S6U2JZqFNIF-uDY7EKr2ZdWbzywkx0nKhgi1cp-N8ex1bsM4tHvZt6-ASQM5odI-vWvEUOuntj61sh7kbmKs9b8Qq5rY87d-Q&sai=AMfl-YR_ABNmka_Az0pt5DMxYQ9jwOkKD1ekRdgz0H86KNKRbWtTjg0tmRxxVEU11xzm85juyJubnhVVeQO2Boan4lz1vfh5ZtmTYb6Hn7FX-7w7Z9agNvPGpwer94v-UKjh&sig=Cg0ArKJSzBRA3CeHjCgMEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/rx_lidar.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 19:25:21 GMT

GET id
googleads.g.doubleclick.net/pagead/ Frame 4117 0
0

GET
DATA 200
OK truncated
/ Frame CEC8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8275ef9d5f9240a61eb32997a9699b303b998866179c14e955c28bca27378fb5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame CEC8 0
0 77ms
76ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYwJzqKeqmwa6jrTasIWoQr5DTS4TaPQFG82XVhOru2ZTfQkuqxk_EctRDMCL_IJBw6x3uWojTFNZOW-d1OyM927sHFjSyd23XkP30iv5VVpQ8UkgpVwQHGuzFf9MggTqA9r8ySUq9nEabXA0Jgizjwd8kHXPlYKjWQDHP-SfZn-rTX4gowA7sqKJKN_sypDz4URr9XlR5azLOwxSwXxJC5wtxMjPxVrOZUCI_gU0GY-xgkCUQk8z8DJl7-l9_Rch0-Vjn8OH-A0UrQXwOwQ0bFhTGtmyqQgcNaK4pb7rJ7Q9yb2Qx2IhKttc9ZASGIhCZydBzjMHaH4vlvg&sig=Cg0ArKJSzF_QA7ObDY_kEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 19:25:22 GMT

GET
DATA 200
OK truncated
/ Frame 7F34 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29beb035c28c642498ab0f9f89c5ebe12c757db148a23687d40dc435800c6022

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7F34 0
0 76ms
76ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNmWwrf0MYjX0AM-pa48n_qnn4mZiQZwdPtboN2ZilbRi4lc7WnTq-14IOmi8QnyVwrQhOEhHdqP4nduDglOO-cf-OJiDlDBiXOKYMWAAaH25hr4-AcyzMBqejJSJ9ohk2lUOVKkt0Q1DM60ukcHU3ukFnOrWreYYVEMurfd2ZmnN903KVdLe2cmuoNKW6xBZe0t32KTaqT463q__CJpmHrloDJkUYyX_3iaqMmbOBCYJ_Gm1gptfefIuh971WY_7OletK16YfVARk4pmN2k2tVPHJRKxyCWdhj_yMnHn3S-sDB0Vjyuc66R0FykX1-U7uCAPXV9hWWmdH6A&sig=Cg0ArKJSzHnGPE63igjnEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 19:25:22 GMT

GET
DATA 200
OK truncated
/ Frame 2288 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 564bf4299e68b925351668b1ba04bf6c7f10d455a572d33dc961c2389c5bba9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2288 0
0 77ms
77ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSe1wfL3PgFxUf_NRIpLZsp19-BjXhzQmRtn3qgRfwd7QWhLa1iSrgtyDenOu3G4dSLS00J2TD8gJn6UDiVlC5OB8spjU0Y8b4cy_iVGz0QeUCIusy1Cq96c4AaJdvdexxk88Ok775z5BAdQ-GJFnODr1_0GpFOXhBnGz9FkVzQRCHPluVWo8FEd2taC4BhwLtW4ca4-WRZxnecQWd6WSSPwlBi-v4rkKqTm1W5AaqvURbprN4eD7L5RiK4A_y8PEhWSNwmdcHjtQdp1eXTriALilNOfHlgI4kYh7RdnLj-vkk6P1JjuwviOyb6IlO17Sq4uP4fgoZ5LLy5g&sig=Cg0ArKJSzHi-Tu4Da4nnEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 19:25:22 GMT

GET
DATA 200
OK truncated
/ Frame 6517 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49557e88a908686e65ccd31960518a2695cd4639eb2595a2a9f23b567211abda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6517 0
0 77ms
77ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_Q3nSpLgh0UHmtYAqKaxmVD7VKm4xhpg-CKdP4Hp9m2sIACTqYmmIv4dAbwMHfSuFcR2QvYpmeQH0jreStx003Hs7_So1s9_LJAc6qiCasg2y9zJz9KI3oBNLtdqOUqm9F7nm9IcgOldIgZUINSC9h96XA2yBsmx8_RN4yDPN-ZTwowHby88ygGqSgxlgBnXKsYw7G-cpXPJSw72NAPb9ZV-xVC2gmqbYhaZH4_C7fgJq_lXgXkUbv0PP-9bBm7LtMWFyUYstQY51ezjDWh8-MWJ0UySoKX9XCHRrVk-seO5Xxp6l5nQCdifxTFig_KhEveXnq_rhYklgVA&sig=Cg0ArKJSzBCBrz4Vd9kEEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 03 Aug 2021 19:25:22 GMT

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 28EC 34 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 19:10:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Aug 2022 19:10:01 GMT

GET
H/1.1 200
OK moment~timeline.bcb1cafa923482f4826e32741fe16a98.js Show response
platform.twitter.com/js/ 25 KB
8 KB 7ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.bcb1cafa923482f4826e32741fe16a98.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67BE)
Age: 82035
Etag: "16c9189d13c8dd38e3e003ac2c6bcc8f+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8011

GET
H/1.1 200
OK timeline.28ecda9667eeb8e1b18898b99fee6c31.js Show response
platform.twitter.com/js/ 20 KB
7 KB 14ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.28ecda9667eeb8e1b18898b99fee6c31.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/668B)
Age: 81588
Etag: "c0840e4754c01a08685ae9833ec830c8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6363

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 153 KB
10 KB 244ms
217ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_dealnews_old&dnt=false&domain=newerafin.site&lang=en&screen_name=dealnews&suppress_response_codes=true&t=1808909&tz=GMT%2B0200&with_replies=false

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

11388efa83698c6c6daf532fdcbe43eee1613cc9a5e3005f4b4467d2e5754e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 9868
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
last-modified: Tue, 03 Aug 2021 19:25:22 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: d65009027a4c00fd802d1833bf131f44a589be4c72ebe3bd6ef5a4689e8d8036
timing-allow-origin: *
x-transaction: fd728e29caa83eaf
expires: Tue, 03 Aug 2021 19:30:22 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 28EC 0
121 B 41ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc3wzJV3-YKejE9OGYfDnl9gIAAAAADgB4AQC&bg=!SkmlSQ3NAAbnC78O5ws7ACkAdvg8WokRjjiobmNU6A5DIi_WJf0imLY6bw2GVl2KiRHLl4i_D34njAIAAACyUgAAAA9oAQcKALekyR_qyQB0g5Urc1zM75v67NbBfTQ7rXco7uSjRrn091HQOZqClukzzlUrr3KIFCNkCA7UsXYdRrl1S4mNGsWxI6YgDBCPyBhBYJMGxrukmb5aEUS0zwcxS2H7VRqJevX1CZQplbfPitaZeaNLUs2SPFdxD9aRX5b1Ghcl0VDTuSnC3FbCPMYHXTDxE3shXll-wF-AoiCBmUvY47VAGmjAlxLWSq9HMiRvqdA3_TmWTwlR9YGR4OSZAob62fEyIKUhORNiZRSAVGaH-QrzraXyD-4N76ewnKwdIRlHxtvLYICeXKYWm9k_ANb3GodqE6pj9zDy8IALTCVRnUHggm6wYwsCcEWMg5W4OeH_niJOgGtcAFHt23Cz4wQm8LkGxDNAWztiGevfjJDkE__tXFjRJxWvjPLTOCDiatC9slCk8K8-PEm85_QFn11YqLP55Si9G-_GFdU9R0OgWgpqQ9lpTN_GY2WHpEweRLyIZ0UxfNrvqF82TzCqqtPoMGIOdR3A0N0EWpZem1VQLJH-5v4OLC17q03O2HJ-IEzz-Y0QtQUEQcDYU1_dpWYNXuP62SntxcBJMcsj2kq8F85OQllb4h_GY-dBJhAx9V8ZlSsDCqHoNSN86mll6DCFaFp34CdVk_imZ4D0cHWTi1vMTJz4ai8D0bqJoX0ipM69__FywgOne9llaQWx2czKsviMmdFR1ags0n96xrs09Z_cejchTHOP9WL39hIxXz-Q9njTKDfW7zv7DM7nlCxXTCQbPuczN562Yfgwnz88nrFK1o1z8uftAegF_htVmnmfs5Yy4fHz-LdK3aoMbTHTCtxC9NeD8PWiWeYslepFQH3KLnuLrC6YQhenuKoAm7TOHvfhzf9p7bt_5FhjzOvL-X8OzzEh4KM7RmhxEm6L5BBDf6SxKbc_qdEL1PbuOsJOb-U3K4onsPFuTTezp3abXr-dYKvX43tQ_veh7tLKIsgn6Mzis-XII2IXiF4KpFWkVn52ilAeAvHiK4yBvV7sxbGK1Jv-EYz0KYzGSGaqigojOKbHjKVyKiv5sHSSlL0fZZo3yLi1LfSnByt35A40LMpZ0eVcn3X9X0_dgbCcJ5qyVjBE

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1f440.png
abs.twimg.com/emoji/v2/72x72/ Frame 338D 1 KB
1 KB 29ms
6ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f440.png

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FDE) /

Resource Hash

487739c941203283fc25b1bac02b4b8f3d59672e3dec2154f575060206bbb86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 5047820
x-ton-expected-size: 1024
x-cache: HIT
content-length: 1024
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Wed, 11 Apr 2018 17:49:51 GMT
server: ECAcc (frc/8FDE)
etag: "Edk5xK45DjvtJuiq8MRwOQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 3614495fde870b07c1e68d0c9e5725bb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 03 Aug 2022 19:25:22 GMT

GET
H2 200 1f973.png
abs.twimg.com/emoji/v2/72x72/ Frame 338D 1 KB
1 KB 32ms
9ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f973.png

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F47) /

Resource Hash

71fd857dc56ed5075127c33ccdae59ad5d01f1fdb60c594d96bb84cab16c305c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 1131409
x-ton-expected-size: 1260
x-cache: HIT
content-length: 1260
x-response-time: 11
surrogate-key: twitter-assets
last-modified: Mon, 04 Jun 2018 23:14:15 GMT
server: ECAcc (frc/8F47)
etag: "pAC2+bwhXiDobTtzYOFwtg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 8a8c40199152c88976b6d36e606da651fc06ee9e5047c9a628f34a900b4b9f73
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 03 Aug 2022 19:25:22 GMT

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame 338D 53 KB
12 KB 6ms
6ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:36 GMT
Server: ECS (frb/673A)
Age: 82050
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:36 GMT
Server: ECS (frb/673A)
Age: 82050
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 2Hgc86UK_normal.png
pbs.twimg.com/profile_images/1139201047002517504/ Frame 338D 4 KB
4 KB 13ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1139201047002517504/2Hgc86UK_normal.png

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

350af27460ca803dcaafbd6e1d9351b05bb043b63275e8477abedaa9d82bc707

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 500248
x-cache: HIT
content-length: 3783
surrogate-key: profile_images profile_images/bucket/0 profile_images/1139201047002517504
last-modified: Thu, 13 Jun 2019 15:59:09 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0b30babdf3d7fc074f229c4adac36ed088da879842b29f806e21b99d456a8379
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E74n26jXsAAStub
pbs.twimg.com/media/ Frame 338D 13 KB
13 KB 13ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E74n26jXsAAStub?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) /

Resource Hash

d0fee12d4c721b10d3123d4b054feff17ce13acb37a95e4de4c70b5a4c892f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 5085
x-cache: HIT
content-length: 12924
surrogate-key: media media/bucket/1 media/1422618356679684096
last-modified: Tue, 03 Aug 2021 17:58:21 GMT
server: ECS (frb/669F)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9c1cf2f8a8e7b1cb7dbf6c29c67c28d030a30f591941cc0c46eba615b4570f57
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E73-oPgXsAIRClr
pbs.twimg.com/media/ Frame 338D 12 KB
12 KB 12ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E73-oPgXsAIRClr?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6712) /

Resource Hash

e1ee67b0ed8e91c5abe22d3391f9fb36dd6a130164aa14cf69c496883fac4ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 15887
x-cache: HIT
content-length: 12217
surrogate-key: media media/bucket/1 media/1422573024629469186
last-modified: Tue, 03 Aug 2021 14:58:13 GMT
server: ECS (frb/6712)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cfd0ea2a84c0bf8f3228cc36b42c0978dc3f38e06345b957227048595d189179
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7zeRn7WUAEFnm-
pbs.twimg.com/media/ Frame 338D 98 KB
98 KB 17ms
13ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7zeRn7WUAEFnm-?format=png&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6712) /

Resource Hash

a9f34ed5b2391cfabb07208a77c1a0fa72727e61a9d2418073613acee1837aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 91479
x-cache: HIT
content-length: 100376
surrogate-key: media media/bucket/0 media/1422255976699285505
last-modified: Mon, 02 Aug 2021 17:58:23 GMT
server: ECS (frb/6712)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b6d7eb31a02740509c14d10e23e58e25c21327c2f19a94eb53fe9795408b5513
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7y7348WQAMEcI4
pbs.twimg.com/media/ Frame 338D 16 KB
17 KB 16ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7y7348WQAMEcI4?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

4a35739516861cd983d6b2dd19234c17263eb880a06f5422e535fab13915c090

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 100468
x-cache: HIT
content-length: 16796
surrogate-key: media media/bucket/0 media/1422218151194935299
last-modified: Mon, 02 Aug 2021 15:28:05 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4fea4a72daf69cb15b02681019d96acc0307152276e496aea66d8e7c1e5f80a6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7pLC8EWEAE8eaF
pbs.twimg.com/media/ Frame 338D 21 KB
21 KB 12ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7pLC8EWEAE8eaF?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D3) /

Resource Hash

f9c46ea386435da413e3f5e673e63135fdc1aab15a76b818f663e0529d6997f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 264281
x-cache: HIT
content-length: 21560
surrogate-key: media media/bucket/7 media/1421531146244984833
last-modified: Sat, 31 Jul 2021 17:58:10 GMT
server: ECS (frb/67D3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5fbcedec8ef25edd250c5be1182c7d3b0224b60d80b5955c66f66bf9c2e2830c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7oUG_6WEAEWoVd
pbs.twimg.com/media/ Frame 338D 18 KB
18 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7oUG_6WEAEWoVd?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6712) /

Resource Hash

7a1063e47f8cc1970d6dcccd64776b5c45bd12d01ec259d24d82ebdbaa451359

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 278706
x-cache: HIT
content-length: 18573
surrogate-key: media media/bucket/1 media/1421470742856732673
last-modified: Sat, 31 Jul 2021 13:58:09 GMT
server: ECS (frb/6712)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 702f389fe9a642c5ba131d66a6add8d40b152d48a4baedb02bf2a7502b7b63b2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7kBhWgXMAIeBkR
pbs.twimg.com/media/ Frame 338D 14 KB
14 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7kBhWgXMAIeBkR?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

feb1c601802204491bbda3914d907f5160e2505eaba5b10aebcbb18ce96bfcdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 350664
x-cache: HIT
content-length: 14362
surrogate-key: media media/bucket/1 media/1421168829900730370
last-modified: Fri, 30 Jul 2021 17:58:27 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6f7196150551134cf03cc7d7ce76354aa8efef31805e32055bdf46f36d74af2e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7jKkGkXEAA6jcv
pbs.twimg.com/media/ Frame 338D 13 KB
13 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7jKkGkXEAA6jcv?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

cd15838c66b98228837e3d6ec037d0f04fd4014b9ec7bbefae6e0fea52350dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 365085
x-cache: HIT
content-length: 13276
surrogate-key: media media/bucket/4 media/1421108404022611968
last-modified: Fri, 30 Jul 2021 13:58:21 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0e93d64b1d45d12b30659cf64447591d269614044d964efce41b7871006ae779
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7e360PXsAAHHLu
pbs.twimg.com/media/ Frame 338D 22 KB
22 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7e360PXsAAHHLu?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) /

Resource Hash

4c45afaf79bc4c2651bd64ed025410bb5a5e1251c678f231311eac4016eaaa49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 437093
x-cache: HIT
content-length: 22813
surrogate-key: media media/bucket/6 media/1420806428542087168
last-modified: Thu, 29 Jul 2021 17:58:24 GMT
server: ECS (frb/6713)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ad7bc6515dafb2273ae9468693227e869363a05040191ef5b45d41384e99ebd7
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7eA-fCVgAMFVXf
pbs.twimg.com/media/ Frame 338D 16 KB
16 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7eA-fCVgAMFVXf?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

3c41ce856d6a0c25f5a8c666114bd9f43a42be3c75e3127fc182e555264e7efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 447693
x-cache: HIT
content-length: 16057
surrogate-key: media media/bucket/3 media/1420746018430222339
last-modified: Thu, 29 Jul 2021 13:58:21 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 08600005e12476f02e5c3b3f322da4beedf0a6a04c943ed0e8c28b8b195d2224
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7ZuVDsXIAYk54_
pbs.twimg.com/media/ Frame 338D 22 KB
22 KB 9ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7ZuVDsXIAYk54_?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

0d8d487cc7df84fc59e5980444b215b22c56fa23d758fcfab605dcac701858d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 523096
x-cache: HIT
content-length: 22519
surrogate-key: media media/bucket/5 media/1420444040529649670
last-modified: Wed, 28 Jul 2021 17:58:24 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 74918653eda898cad922785144a468e5c348cddb1b9eaa61be5f8af4bd41accd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7Y-MOXWEAEKylE
pbs.twimg.com/media/ Frame 338D 16 KB
17 KB 10ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7Y-MOXWEAEKylE?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

ce61b415c51a5e47958973f551bb96536d21c94e509c54566f4acb07b9049b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 536100
x-cache: HIT
content-length: 16721
surrogate-key: media media/bucket/1 media/1420391112217333761
last-modified: Wed, 28 Jul 2021 14:28:05 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9e60b56b68b3cf1cdeb0156901170460189bf7c1b3f4b74ff4f5a1edbbf44020
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7Uk1EaXsAUVy90
pbs.twimg.com/media/ Frame 338D 30 KB
30 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7Uk1EaXsAUVy90?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

a10c4a83f872d862ed84b38eefd49428f40ca20a67c7b340c8e3be33cf9e1b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 4447
x-cache: HIT
content-length: 30565
surrogate-key: media media/bucket/1 media/1420081751641272325
last-modified: Tue, 27 Jul 2021 17:58:48 GMT
server: ECS (frb/675D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 67f33a04adfede464f8735ade92f20d7696d4c2b62b58b3b416198e75e494a3c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7Tt6eGXMBEkLEq
pbs.twimg.com/media/ Frame 338D 11 KB
11 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7Tt6eGXMBEkLEq?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6727) /

Resource Hash

2f8eefd577224e340e6975d24111afc3e8bb1b284d17416b99c590a5c681ac1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 19343
x-cache: HIT
content-length: 10935
surrogate-key: media media/bucket/8 media/1420021371296493585
last-modified: Tue, 27 Jul 2021 13:58:52 GMT
server: ECS (frb/6727)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2cecfd30c41f3886f9f1bb06b1db2e6ffeade773aca3dc0d454a6dce80de5386
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7PbKYRWUAE2Bgt
pbs.twimg.com/media/ Frame 338D 64 KB
64 KB 8ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7PbKYRWUAE2Bgt?format=png&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) /

Resource Hash

8c3d437a4e1c254dbc99c9048446015c09a008fadbb32b74c21544672577ef75

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 90050
x-cache: HIT
content-length: 65759
surrogate-key: media media/bucket/3 media/1419719278912229377
last-modified: Mon, 26 Jul 2021 17:58:27 GMT
server: ECS (frb/67BC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2141536df3a4c1fae19ce2723aeb00a7f81953d9be191f277661fbd70bfd72ca
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E7OkMJLWYA0hhBX
pbs.twimg.com/media/ Frame 338D 18 KB
19 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E7OkMJLWYA0hhBX?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6712) /

Resource Hash

ae310197bfb76f8f61f1c48e5c539c24a0e33c23d4b837ea7268156d7a87ff00

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 105825
x-cache: HIT
content-length: 18913
surrogate-key: media media/bucket/6 media/1419658836080746509
last-modified: Mon, 26 Jul 2021 13:58:17 GMT
server: ECS (frb/6712)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ba973012d22cc3d2a008994abb0baa56ab8d66063304aa75d9ad5927ebdeef95
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E6_-YwlWQAAN2VD
pbs.twimg.com/media/ Frame 338D 11 KB
11 KB 8ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E6_-YwlWQAAN2VD?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

fe812ec7ae525972cd2b9ba86e97393e2fc3722054f72ed57aedc6689b1a6adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 349645
x-cache: HIT
content-length: 11150
surrogate-key: media media/bucket/3 media/1418632108956860416
last-modified: Fri, 23 Jul 2021 17:58:26 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6120c326290cdf64911fa618b192f89fb6aba73c07d9e025e8552600a999e9e9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E6_HcSPWUAImDF8
pbs.twimg.com/media/ Frame 338D 31 KB
31 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E6_HcSPWUAImDF8?format=jpg&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

c497b94aad4ff2b4043e0b4317d21874280e0c65e5551feafeeaa312af2f12b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 365055
x-cache: HIT
content-length: 31696
surrogate-key: media media/bucket/9 media/1418571696391475202
last-modified: Fri, 23 Jul 2021 13:58:22 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cc8106f7e0978b5ec4e61cea5249c1e8ddb3e958e59eeaa5f1506b2d25fa4f90
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E6rzbO9XMAs5ChE
pbs.twimg.com/media/ Frame 338D 70 KB
70 KB 8ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E6rzbO9XMAs5ChE?format=png&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

b1c321c6b746380f8052db7a87e463af4b400025e32d4926504d00babd51a45c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 81897
x-cache: HIT
content-length: 71326
surrogate-key: media media/bucket/7 media/1417212681958928395
last-modified: Mon, 19 Jul 2021 19:58:08 GMT
server: ECS (frb/675D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 71b3ab154bc7b1148e9554a3d6044ce45bacb7477d716b5bb8c95989e20f4017
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E6WBhfRUcAkkJ6W
pbs.twimg.com/media/ Frame 338D 35 KB
35 KB 10ms
8ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E6WBhfRUcAkkJ6W?format=png&name=360x360

Requested by

Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) /

Resource Hash

9b09c1ad3d9eb60e8aba3dd0caa7e7e3c4c42b8c48ebc3e245dff754571a2cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
age: 40777
x-cache: HIT
content-length: 36080
surrogate-key: media media/bucket/6 media/1415680070207696905
last-modified: Thu, 15 Jul 2021 14:28:05 GMT
server: ECS (frb/668B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 40a002c37b4784f8132e9591ff6434d8bbaaa5aaac640c60226419e0fcd4207a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame 338D 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 338D 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 338D 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 338D 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 338D 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F194
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQmYIr7iY892oK9shdmiDAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA00ijU-DVRSLRQsT9wRQk8&google_cver=1

43 B
1 KB

129ms
71ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA00ijU-DVRSLRQsT9wRQk8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 Aug 2021 19:25:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA00ijU-DVRSLRQsT9wRQk8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame F194
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQmYIr7iY892oK9shdmiDAAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQmYIr7iY892oK9shdmiDAAABGYAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI678CzS7ot3kGRawPdUtio&google_cver=1

43 B
315 B

76ms
75ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI678CzS7ot3kGRawPdUtio&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 03 Aug 2021 19:25:22 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI678CzS7ot3kGRawPdUtio&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F194
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQmYIr7iY892oK9shdmiDAAABGYAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQmYIr7iY892oK9shdmiDAAABGYAAAAB&dcc=t

43 B
645 B

141ms
141ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQmYIr7iY892oK9shdmiDAAABGYAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: M7S7N4N2KFQ3BQRBJX7S
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8DA982PGEB5TX8V15561
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQmYIr7iY892oK9shdmiDAAABGYAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F194 70 B
265 B 190ms
62ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQmYIr7iY892oK9shdmiDAAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame F194
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628105122&gdpr=1

43 B
315 B

208ms
77ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628105122&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 03 Aug 2021 19:25:22 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1628105122&gdpr=1
pragma: no-cache
date: Tue, 03 Aug 2021 19:25:22 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F194
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878972114959344

43 B
1 KB

163ms
70ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878972114959344
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 Aug 2021 19:25:23 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1871878972114959344
Date: Tue, 03 Aug 2021 19:25:22 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F194
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A3BBBB9FCFC747A28AA969B774D8E59A&gdpr=1

43 B
1005 B

95ms
72ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A3BBBB9FCFC747A28AA969B774D8E59A&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 Aug 2021 19:25:22 GMT

Redirect headers

date: Tue, 03 Aug 2021 19:25:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A3BBBB9FCFC747A28AA969B774D8E59A&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Mon, 02 Aug 2021 19:25:22 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame F194
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6813051221618811650&uid=Q6813051221618811650&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

60ms
60ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:23 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Tue, 03 Aug 2021 19:25:23 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame F194 43 B
424 B 217ms
69ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YQmYIr7iY892oK9shdmiDAAA%261126
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/LMD1Nns6&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:22 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=683
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 Aug 2021 19:36:45 GMT

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame B2C4
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
570 B

6ms
6ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: newerafin.site
URL: https://newerafin.site/LMD1Nns6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://newerafin.site
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 82049
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 03 Aug 2021 19:25:23 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 02 Aug 2021 20:34:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C0)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Tue, 03 Aug 2021 19:25:22 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Tue, 03 Aug 2021 19:25:22 GMT
x-transaction: 0d63fba8437f9fa8
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: 0fc2fbd96d24389ea40f6726d75db933ce37c0012e6d0a5fd3b0f4a0c5a19250

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7F34 42 B
64 B 52ms
45ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNX207dyFIbl3DjVDxjkqVIEawbxDS_vPJd5h1l6tBu6ry0qvmgN1_JuHwM0BB--k84RIZwCxrcOu3654PPfiR2inab7l5KB3vcWeBNw96oaLhn_tm&sig=Cg0ArKJSzI6t2X7sDyGGEAE&id=lidar2&mcvt=1000&p=737,1116,1337,1416&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210802&bin=7&avms=nio&bs=1600,1200&mc=0.77&app=0&itpl=19&adk=635638088&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628018721868&rpt=341&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F32A 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6bWIBp1RPsbH_IYbnoB3fryzWDHoYHe4g6sdWc3v2yeDzgjxQa_guOP2vvQaA2d7a-LLn-4ZKxsLE-AXI3KOUuj4WPX-VpEFsm0vojBGPsw&sai=AMfl-YSSe_R6e0HY498K59w_I-GuLot_RxrMKZqlSh6dq7M8ERksBZXPqQ9eonCc20P1-DjNiXIt6050Wd6TJ1ir_eXpLNYJue9igNEhx3Uy1ZzjlS4pvB33PbZPr2rtTJOA&sig=Cg0ArKJSzNPIwrdpFzjREAE&cid=CAASFeRoGQwcCfbIpz2HUAy2iu2YQgQnJg&id=lidar2&mcvt=1001&p=0,0,1204,300&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20210723&bin=7&avms=nio&bs=1600,1200&mc=0.5&app=0&itpl=20&adk=635638088&rs=4&met=mue&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/rx_lidar.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01b20c8ce373a68429e5c93c284ae7bb145b046915f39009ccb40dc16e283768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Aug 2021 19:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8641
x-xss-protection: 0

GET
H2 403 vsa-lightbox-02fce4-90806.js
app.viralsweep.com/ 0
0 91ms
54ms Script
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.viralsweep.com/vsa-lightbox-02fce4-90806.js?sid=90806_885683
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/gtm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 121 KB
43 KB 180ms
64ms Script
application/javascript 13.224.96.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/gtm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-124.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:24:59 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 04:22:34 GMT
server: AmazonS3
age: 29
etag: W/"b22b4f4738e8722be1636447be239da2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
cache-control: max-age=600; must-revalidate
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: -T3piGZYL_8XuugVI0Pk4YCKQSWD14zVx35ncXt5q24ZkGMOKCYyPA==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 03 Aug 2021 19:25:23 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F745 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newerafin.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 03 Aug 2021 18:42:50 GMT
expires: Wed, 03 Aug 2022 18:42:50 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6BA6 783 B
781 B 24ms
24ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f921188799ce28d29bc322d669e1931e5e883b531b534426a5914a99b5299147

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OUbml2/Ras6KxWBub6lQ+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newerafin.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

expires: Tue, 03 Aug 2021 19:25:23 GMT
date: Tue, 03 Aug 2021 19:25:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OUbml2/Ras6KxWBub6lQ+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame F745 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 15:44:47 GMT

POST
H/1.1 200 341.json Show response
id5-sync.com/g/v2/ 213 B
532 B 177ms
45ms XHR
application/json 54.36.109.48
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/341.json

Requested by

Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.48 , France, ASN16276 (OVH, FR),

Reverse DNS

p03.id5-sync.com

Software

Resource Hash

4a4ad321610e116c477620512dd1ae188a9bebdca0e1ef12b3c620709c219889

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://newerafin.site
Date: Tue, 03 Aug 2021 19:25:23 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
541 B 62ms
61ms XHR
application/json 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=cw39kyg&fmt=json
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: b9e0fbb17cb88a5e61028a515336c8eb9ca0802388bf58cdb423b8d11de2997b

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Aug 2021 19:25:23 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://newerafin.site
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 02 Sep 2021 19:25:23 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame F051 2 KB
1 KB 72ms
71ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 03 Aug 2021 19:25:23 GMT
Connection: keep-alive

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame 6CEA
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1

668 B
730 B

56ms
56ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 541a6d341926375891bed4f719f3968c86b66f1acc874c3bc2649331a262a02e

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://newerafin.site/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=98e53881-177e-044b-387c-af38a4115af9|1628018723
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=98e53881-177e-044b-387c-af38a4115af9|1628018723; Version=1; Expires=Wed, 03-Aug-2022 19:25:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1628018723|gekin0vNiygu; Version=1; Expires=Wed, 18-Aug-2021 19:25:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 03 Aug 2021 19:25:23 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=98e53881-177e-044b-387c-af38a4115af9|1628018723; Version=1; Expires=Wed, 03-Aug-2022 19:25:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
date: Tue, 03 Aug 2021 19:25:23 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 66FF 281 B
554 B 143ms
48ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 03 Aug 2021 19:25:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3C7A 52 KB
17 KB 212ms
80ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: newerafin.site
URL: https://newerafin.site/lander/white5_1627283170/dealnewscomDesktop_blog_feature_article.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://newerafin.site/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://newerafin.site/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 04 Aug 2021 19:25:25 GMT
Date: Tue, 03 Aug 2021 19:25:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=3532671883855933&bg=!zc6lzorNAAals0SOpbM7ACkAdvg8Wt_BX2dDgVcsvSGgHnWN9FbIJqykQy04uESq4FZ2oZ_PmKPgZwIAAAB6UgAAADhoAQeZAn-UkYmkOHEGNVPmSoOOLFYiyfdjhIY9d3OJT8zmoVOI8t1pMclJ4bhXJfNRy40XayNsc73vwR_DxjKqea-I6zr5xSdBUGIYggPqBFKLPxxTVEZ0Ab_TF2E6RTJ48aYm9yCziYrAOE-XOahxtOwYQPhYi-vcG6zs77nxtUXpLb1sW-5-CJz74kytBTR_Gzpwq9U5hejcSt5dvtOEH9ZmDBUT0jAfENRghVBd4tvk-i4k0nQ89Dn9T9_QjcQZVUTKinE6GmFM-ea7nyjlBeUTa71d0BkKqQQNQS3rr9M4fLg6uwz7wq-9ABSzo8T0-Ew8Yf66IpvytU1JwHFDbScq42fu-gWOCUzv8uTeenj7-N-v63RXbXbPQBiiMncNI-GbON7OvJUioSqRmZmHySHmANl-r7yDIcyCn20UYyp-kNk62T-TC0eu4fNySswEBS2S7rps7OeOMxhWRSFfabgQAWNFSm97Cw9CJqe0d8IrNOoEkDcWs00Q_aQ67Ss7Hhp5F2jCQRR83zcHIdrQqX0tFfQC887rcuC-BWi0xcUUtY5zSL_UDSWxxKQwTsvWmLBlvK8LZiMIDguj0869HymYjl_8B3FMt3OU1JXP8eDGjXQZnIBGgM70PD3oSaQA5WIvznGPeJ-c0ENbNY3E8UZw-XRGqz6p0eRFb4FnThBwyfedggHQyoF0FYcGt0w1gW3T93Pc96U3IpvIouhzykz4LRCVYiyiMdNHCYraJ0RBxJ5UezDs0O_c58hCuuPdbpTlVlbZfNh5eEPC3uS1QMkHq31zNKJANzE4HAJspTUAbXy6M91REkofelCFemH6BxvIiPUC10pAuIsF0KNCEXW7J5g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newerafin.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 2A6E 2 KB
3 KB 75ms
75ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 10602c87920d41b97a4c3704b1b6a7261d3379b88849f5b43ca1b86693a82ace

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YQmYIr7iY892oK9shdmiDAAA; CMPS=1181; CMPRO=1126; CMST=YQmYImEJmCMA; CMRUM3=f16109982205a0&27610998220b40&1f6109982205a00&416109982205a0&e6610998222760&2d610998232760CAESEA00ijU-DVRSLRQsT9wRQk8&5a6109982205a0&396109982205a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 46|73|130|4|47|3|221|188
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1538
Expires: Tue, 03 Aug 2021 19:25:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
Connection: keep-alive
Set-Cookie: CMID=YQmYIr7iY892oK9shdmiDAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 19:25:23 GMT CMPS=1181;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 19:25:23 GMT CMPRO=1126;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 01 Nov 2021 19:25:23 GMT CMRUM3=8261099823a8c0&5a6109982205a0&dd610998232760&416109982205a0&e6610998222760&27610998220b40&496109982305a0&046109982305a0&1f6109982205a00&036109982305a0&2d610998232760CAESEA00ijU-DVRSLRQsT9wRQk8&2f6109982305a0&bc6109982305a00&396109982205a0&2e6109982305a0&f16109982205a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 03 Aug 2022 19:25:23 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 6CEA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ea5f6109-9823-4400-9ad3-d09bbcc6fe56

43 B
106 B

56ms
55ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ea5f6109-9823-4400-9ad3-d09bbcc6fe56
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 03 Aug 2021 19:25:23 GMT
Server: MT3 3820 7698daf master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ea5f6109-9823-4400-9ad3-d09bbcc6fe56
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 03 Aug 2021 19:25:22 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6CEA
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wyd2k8wudJnYL3eazCdrmcYjIJ_YInHJxiEWwC0h

43 B
122 B

56ms
55ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wyd2k8wudJnYL3eazCdrmcYjIJ_YInHJxiEWwC0h
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=wyd2k8wudJnYL3eazCdrmcYjIJ_YInHJxiEWwC0h
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 6CEA
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1201678070558370457

43 B
106 B

55ms
54ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1201678070558370457
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1201678070558370457
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 6CEA 70 B
264 B 62ms
61ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=4b4907d8-bef9-3bbc-62aa-67d0c0366904&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 6CEA 170 B
188 B 50ms
49ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjcyNmQ0MTItNzc4ZS02NTE4LTc3NGEtM2Q2OTBhZDRhNzY0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6CEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGnkzFNxMgwWZT1SR27fB9E&google_cver=1

43 B
106 B

54ms
54ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGnkzFNxMgwWZT1SR27fB9E&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGnkzFNxMgwWZT1SR27fB9E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 66FF 31 KB
10 KB 50ms
50ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c33e931153a5d48ac0f9521179fc8086b3bae8e217e47b7b2f55b02fa3dec5bd

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=53253
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Wed, 04 Aug 2021 10:12:56 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 2A6E 0
0 148ms
47ms Image
text/html 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 YQmYIr7iY892oK9shdmiDAAABGYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2A6E 43 B
835 B 104ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YQmYIr7iY892oK9shdmiDAAABGYAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 19:25:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 2A6E 43 B
430 B 279ms
68ms Image
image/gif 52.49.238.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.238.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2A6E
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4287039048429367725

43 B
1 KB

84ms
82ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4287039048429367725
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 Aug 2021 19:25:23 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4287039048429367725
pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2A6E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=O8Gyognw1Mb02v5&gdpr=1

43 B
1 KB

95ms
94ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=O8Gyognw1Mb02v5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 Aug 2021 19:25:23 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:22 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=O8Gyognw1Mb02v5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2A6E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=235f6109-9823-4500-8a83-53beecba4311&gdpr=1&gdpr_consent=

43 B
1 KB

80ms
79ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=235f6109-9823-4500-8a83-53beecba4311&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 Aug 2021 19:25:23 GMT

Redirect headers

Date: Tue, 03 Aug 2021 19:25:23 GMT
Server: MT3 3820 7698daf master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=235f6109-9823-4500-8a83-53beecba4311&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 03 Aug 2021 19:25:22 GMT

GET
H2

200

tpid=YQmYIr7iY892oK9shdmiDAAA%261126
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 2A6E
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YQmYIr7iY892oK9shdmiDAAA%261126?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQmYIr7iY892oK9shdmiDAAA%261126?gdpr_consent=&us_privacy=&gdpr=1

49 B
735 B

77ms
76ms

Image
image/gif

54.194.226.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQmYIr7iY892oK9shdmiDAAA%261126?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.0
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Aug 2021 19:25:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQmYIr7iY892oK9shdmiDAAA%261126?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.13.143
content-length: 0
expires: 0

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 2A6E 0
88 B 592ms
147ms Image
text/plain 52.45.215.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.215.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-215-106.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2A6E 43 B
424 B 70ms
69ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YQmYIr7iY892oK9shdmiDAAA%261126
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://newerafin.site/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 03 Aug 2021 19:25:23 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=682
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 03 Aug 2021 19:36:45 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 66FF 284 B
536 B 186ms
47ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 3C7A
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

48ms
48ms

Script
text/html

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
X-Proxy-Origin: 37.120.156.140; 37.120.156.140; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8ee5ced9-4390-4997-bc6d-385e9d5c6c48
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:23 GMT
X-Proxy-Origin: 37.120.156.140; 37.120.156.140; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 08b6a9ad-6fba-4d07-b272-20ec38b2257e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

/
google.com/ Frame 4117
Redirect Chain

https://newerafin.site/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
https://google.com/

0
0

OPTIONS
H2 405 /
google.com/ Frame 0
0 35ms
14ms Preflight
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/
Protocol: H2
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-goog-visitor-id,x-youtube-ad-signals,x-youtube-client-name,x-youtube-client-version,x-youtube-time-zone,x-youtube-utc-offset
Origin: https://newerafin.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3C7A 0
733 B 77ms
76ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Aug 2021 19:25:24 GMT
X-Proxy-Origin: 37.120.156.140; 37.120.156.140; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: bf9199e9-8cdc-43d0-9f15-00f6b3ef661c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: scrapbook
URL: urn:scrapbook:download:error:https://ps.ns-cdn.com/dsatserving2/scripts/ns_vmtag.js

Domain: ps.ns-cdn.com
URL: https://ps.ns-cdn.com/dsatserving2/scripts/ns_vmtag.js

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/id

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=76

Domain: google.com
URL: https://google.com/

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-20 04:59:14	Name: CMRUM3 Value: f16109982205a0&27610998220b40&1f6109982205a00&416109982205a0&e6610998222760&2d610998232760CAESEA00ijU-DVRSLRQsT9wRQk8&5a6109982205a0&396109982205a0
.casalemedia.com/	1970-01-19 22:23:14	Name: CMPRO Value: 1126
.casalemedia.com/	1970-01-19 22:23:14	Name: CMPS Value: 1181
.casalemedia.com/	1970-01-19 20:15:05	Name: CMST Value: YQmYImEJmCMA
.casalemedia.com/	1970-01-20 04:59:14	Name: CMID Value: YQmYIr7iY892oK9shdmiDAAA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://newerafin.site/lander/white5_1627283170/sdk-1.js(Line 22) Message: The Facebook JSSDK is more than 7 days old.
console-api	error	URL: https://newerafin.site/lander/white5_1627283170/apstag.js(Line 2) Message: Error: apstag has already loaded - preventing duplicate load
console-api	log	(Line 3) Message: adding custom nav elements
console-api	log	URL: https://newerafin.site/LMD1Nns6(Line 5515) Message: adding custom nav elements
console-api	log	URL: https://newerafin.site/LMD1Nns6(Line 497) Message: onDOMReady fired
console-api	info	URL: https://newerafin.site/lander/white5_1627283170/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295. [object HTMLAnchorElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a319c56c9330b8a3477a6f71d9448438.safeframe.googlesyndication.com
abs.twimg.com
acdn.adnxs.com
ad.turn.com
adservice.google.com
adservice.google.de
ak.sail-horizon.com
apex.go.sonobi.com
api.pushnami.com
api.rlcdn.com
app.viralsweep.com
bat.bing.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
c.dlnws.com
c1.adform.net
casale-match.dotomi.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
connect.facebook.net
dealnews.a.ssl.fastly.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
hubedib.page.link
ib.adnxs.com
id5-sync.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
newerafin.site
p.rfihub.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel.quantserve.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
ps.ns-cdn.com
pubgalaxy-d.openx.net
px.owneriq.net
rtb.adentifi.com
s.amazon-adsystem.com
s0.2mdn.net
scrapbook
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
syndication.twitter.com
token.rubiconproject.com
tpc.googlesyndication.com
tracker.marinsm.com
um.simpli.fi
us-u.openx.net
www.dealnews.com
www.google-analytics.com
www.google.com
www.google.de
www.google.ru
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
api.rlcdn.com
google.com
googleads.g.doubleclick.net
ps.ns-cdn.com
scrapbook
104.111.242.53
104.244.42.200
13.224.90.44
13.224.96.124
13.248.242.197
13.32.123.85
142.250.184.194
142.250.184.226
142.250.185.130
143.204.98.9
151.101.13.95
151.101.14.49
159.253.128.183
178.162.133.150
178.250.0.157
178.250.0.165
179.43.160.52
185.29.132.245
185.33.220.242
193.0.160.129
199.232.192.249
2.18.232.130
2.18.234.21
2001:678:cb4:bbbb::11
23.37.38.181
23.37.42.132
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6812:7b9
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c06::9b
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:20::2010
2a03:2880:f007:8:face:b00c:0:1
3.124.143.99
35.244.159.8
37.157.6.242
37.252.173.27
52.45.215.106
52.46.130.91
52.49.238.187
54.194.226.253
54.36.109.48
69.173.144.139
69.173.144.141
01559f57641df820b03be9dcb3d02dd95bdc0317715bbd280fd8a7b57ac4b2ff
015a0499776620c0c404da5f0005b46d66b2ab0ae456992c10067b6eb31fa632
01b20c8ce373a68429e5c93c284ae7bb145b046915f39009ccb40dc16e283768
02aa7030f179a7105f64876b3774a767d9d2977928f7a5cfc5b937aea15ea34e
03558a79f6d34c406c21c9c3c7807e3485e07d94a416bc8a630ad1f79e6b766f
036ec0d3f4b621650aa3c647ae9d29d9ad1a5344f25d503a3e82669a8fdfaef3
06a8ac62f1f1eb0935471679b9fd58e360ff81ace219f1c3c651fb535dd83cc3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b12397b5b55a7412531b1086b5bcbb520927f6797bc941e0ff126d0a6f5949f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8d487cc7df84fc59e5980444b215b22c56fa23d758fcfab605dcac701858d9
0e8d576c5bad45e091da77e1c8d1da278eb7b5ecf5835cffab2631c795713f98
0f71c18e596afe5b3d7ce830c059db258c02747c199c05f8b4dda15def85d553
10602c87920d41b97a4c3704b1b6a7261d3379b88849f5b43ca1b86693a82ace
11388efa83698c6c6daf532fdcbe43eee1613cc9a5e3005f4b4467d2e5754e58
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1
152077b426e3db30e0077655edecd70593f2534292fb8a11a80014257ba0f505
18e92e82b3017a304e06ca8f11fdd4febdcae8a45e478cc1b9129fb6e6a79ced
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
1e104986e2ec04cc2d6a15cbb4fb509c88279d9ea7256bed6ad4569705ef86bd
208585964835b9fb026ab6b094968be6cb37e9e8a8815e20ff1d45926f2db7d9
21e5aa81dac683231abc1691f7e7bea2267641f66cd1bf01c16a6021ec43da36
29beb035c28c642498ab0f9f89c5ebe12c757db148a23687d40dc435800c6022
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f8eefd577224e340e6975d24111afc3e8bb1b284d17416b99c590a5c681ac1e
30458c50c79be7e1c20b30412c295f8bc0682d4b1f16667d570ca93aee2fb550
316ab64ae6290ec0684081170a75a37bf02aadb13ce413964a776cc0775e008f
321382ad2e6690966361a24b557d925f4f766461d1a108412b2a4d85112a4f14
32b5733f4996a52e83a26b10397c44b39afd7ff7f121542d93485b0adf7c1722
350af27460ca803dcaafbd6e1d9351b05bb043b63275e8477abedaa9d82bc707
35a45c8fa5d5c65a247f05909ee183bee255b5c473e1bb7a6fe3e6bead0f1932
35e0bec81e1ce6b281ef99613532fd7aaed6e52ed6a618e446a021a379d337ba
36c901e4e2fc476aa2b22cef591ef21df59ef07b3503702dc50a8e42a06a3ac4
371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91
3935860b5204c7f9f4b3e73190758246f27318e3b15ca1ca90d3be42fba49347
3c41ce856d6a0c25f5a8c666114bd9f43a42be3c75e3127fc182e555264e7efe
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e194684c8e9b713e55b563aa486bd261b7ae694c9a5704a527e9278e290edb1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4091df774cd7a906cb15d6e87fae3c705c2f06cc32a6e642e63e2bf9363533cf
41184af56782217691e15b72f5672b6c7a6f45af7da021005759d8ff37a47719
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
487739c941203283fc25b1bac02b4b8f3d59672e3dec2154f575060206bbb86a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49557e88a908686e65ccd31960518a2695cd4639eb2595a2a9f23b567211abda
49704ac7390764e7919c42cebcdfe7834653da38e5c68ab9170ed4b3bdacc942
4a35739516861cd983d6b2dd19234c17263eb880a06f5422e535fab13915c090
4a4ad321610e116c477620512dd1ae188a9bebdca0e1ef12b3c620709c219889
4bf1fb5d8f9a3d712c982a8589f7c1b3ab8260aae9ea4f9f94baab0471953c09
4c45afaf79bc4c2651bd64ed025410bb5a5e1251c678f231311eac4016eaaa49
4dc4abcd99f7976c1a0938575631974c55fa42bf76681e84ca56aeea3180966e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3da77a5939fbc06cb620cc93ee888978121a1dcd5cdb746deeb936a4cd92f0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
541a6d341926375891bed4f719f3968c86b66f1acc874c3bc2649331a262a02e
561d1d847a8222278229ac5ea23c4268d0a7570bf39f48eecfcb0dc53412c380
564bf4299e68b925351668b1ba04bf6c7f10d455a572d33dc961c2389c5bba9d
5a3932adfe9f249c83c4f61d2ec2fc5a747c0f0d728fa0724f01f8f48739e28d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b92d7d1b641847590d71e744e090e85937f56e470d0fcaf3743ae6929dd5bf8
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5ceebdc539529efd2fca06540c4ed613a67796c4d96ecbd81c2f542f832e4f4a
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
637059c3dcbc6617fb06a83eb5befb0b1f26a3126be2b660d3642de310be1527
6524bc72514bb645f1ec5b38c1e6289dd781e2c48a7f79b23ff3f331b982682a
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
6769ec7a7f18db76ca106c0d5e8fa1e62009f77c854d0c20781f37e8236a4ac1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3
6ebd701bf3040d7db200cdb8bc5e9687fb3ebddd73212261f33166579281a7ba
6f2f17b5d56eaa4353b90b4607714ee18c1a23eaa1fee61715ad21ed64f8c685
71e08572a5d417cb07e4efa2e38466a65da8b2b8e102c9db00c6adf70067bf98
71fd857dc56ed5075127c33ccdae59ad5d01f1fdb60c594d96bb84cab16c305c
724c4777740854820101c5820d2f5abd5d21d6497462b628d06c3ae6e7f40074
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
756f65bc72ad18ac281e8ef320de3347f26d402701aeb8f659f33ffb8f036ccb
7697b75794dbcd4cc0a5a80fd74c57de9c03227d994f2ae9f0c75ee0f64e2d4a
76cbe2f9efced92669c43034af6308087179906bec76fb12a72e49304feb2107
78f269d8a3277a3f2371610ca27c85d02594a6064705a4d6ac34dd81da15b568
79f138d690a4ce6221dde6254a1db0691e1029f9dddefff8ce30f9dae2862cf3
7a1063e47f8cc1970d6dcccd64776b5c45bd12d01ec259d24d82ebdbaa451359
7d22d9a3214e6aa558c9ee28eb620ded5ef6a7780b82f94ecb8298f84b0d88d7
7dbdf39296ea9ea5fca372a71838e9d9fdfebd21758347de2d16bd03295f6294
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
8275ef9d5f9240a61eb32997a9699b303b998866179c14e955c28bca27378fb5
853a28d5d36e72ab545857f5add4f57a5491bf0f63c18aac75d7009e50779424
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8bc3474528c5517ecc37fd9cb4815378241ceb406d771685694902a71e06a2ae
8c3d437a4e1c254dbc99c9048446015c09a008fadbb32b74c21544672577ef75
8d17de0c3f4006643b304d30c54ebe97b85320570e0e2be4bec47a3f479b8adc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ead66c45570261db495ce9eacdaf7fe533a186ca644bd51e920de146f4f865c
8f3ec4c25a5cd627784299ebe45ffb9df4012439050702519bafa06aa6535cba
8fe20551d6fbafaa6953cef0694c27ab9e381d137b530467c99b4cea674f08b6
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9218acbcc40b9977b87e70230da08a1b766af4896013a1cc23ebb412619f195f
92f286deee64fb14b7b47d7755c2c5bfe4d99e7e3bcea1b813ccb6f850cdca56
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
9521f4fdae08590c448b2bc06153040ac41264ca6686c790c00e4e5c41e8e008
9b09c1ad3d9eb60e8aba3dd0caa7e7e3c4c42b8c48ebc3e245dff754571a2cc4
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9f95084d20675c6d9f00baa1afbee7336a2fc2b2d57ede7d651dd86655daa80a
a0a0137eab139b6a47e43ce907a0552975fc9b69aff3335779ef178f653bd70f
a10c4a83f872d862ed84b38eefd49428f40ca20a67c7b340c8e3be33cf9e1b42
a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a44483abbb911ba55cdcabe911145050e43890d19143c37d5cb8e89cb639b89d
a44484ecc8b7aa5da1603d6a7256d3eea3c5c8e5c6f50bcdb220b303e4b2010a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a
a586732e33eaf1f7580044488d6a2370885c9221b2f532999bef43b4f7c67442
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9a4c022c5f2a0fc240663b2efdd781fc353671f35ab5a7f351b5b27a2129003
a9a968b4b1c4238f84c189eb749ce350e4a3ad7e81c3770f134b893b3be1918f
a9f34ed5b2391cfabb07208a77c1a0fa72727e61a9d2418073613acee1837aa3
aaf604d45507622e885dda1bbde86c0d7364a93f39582a7ad9105595324fb3e8
ab5932db06a8b4092f8eebcfe41ed3705ab7712e27b0dac8f25e6de7b1e6c961
ad13fc021010340fc13f5319866836c9e12594f0f023c33a29884b4f607bbf26
ae310197bfb76f8f61f1c48e5c539c24a0e33c23d4b837ea7268156d7a87ff00
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b004662ad33746c24b0cc204d2011917a32c55760c2ec6186573ed54a76f99bd
b095c6cc218a87dcfdf6b99a5bf4e7f7524ea3baa99ee1118a58b1765657e73a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b163ccffc514a5d86b836108c2dfa2ae84c71b1af820257d78e048bb384f4ac1
b1c321c6b746380f8052db7a87e463af4b400025e32d4926504d00babd51a45c
b1ec3a25550e54acc2f171f2dbbe153d1d6f3b9b9263392246fce96627b70a69
b1fc581c9031430c68eb5903d206b8162b6ee3f2dae97be6791b63f193382c14
b2ce8f0111469e10cddbc1316fc307acfd3245088b363f7e9d46496e0fabb054
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
b4939310e41a8e4d893cb1553d9e5cf8e6ce56bab6ce3c27d38716938bd088b9
b4bbb009b98b639ba85e68f306d3bdb0ec213e68476d25be0fb9a94d4701ab42
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7e96ebdcc20e65883a822b3a00dfef6e1f70837061033d8726aeea8e67e2c90
b9e0fbb17cb88a5e61028a515336c8eb9ca0802388bf58cdb423b8d11de2997b
bbf8fc8c0de16cb5b289044f91edea000663b1f970bda252c4dc16f0abf32d73
bc4a808da0636c4f331711cbbe00a655cad5d357171d2329564eacb18a84e4e1
be2e173c7120f452f20897f1c31b44ffa99f009e945bdc1a51acdb632d5566d6
be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f
c05b74a7e5c603e06b47126f184675dc2cf3283c8e1a1d1dc97d2dd49fd59620
c07fc7f4d158db9bbe9a8f9d85b78ba9328a41351212da08e40f16bdd94a5e9a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e13a51bdb21ed01f75bbfb452cce3e77def97d4f95ac1e2161f2b060fa6453
c33e931153a5d48ac0f9521179fc8086b3bae8e217e47b7b2f55b02fa3dec5bd
c430c267231b0171372bc7daa045e7293403f2744255796e9121c320760f191a
c497b94aad4ff2b4043e0b4317d21874280e0c65e5551feafeeaa312af2f12b3
c827a86d0d89a5818e2997f0731ac13aa3fbf0147f9ea9dd1c7b0420854b9aa0
c90e6958ef2a90b5d60d5fcc5c7e013cc91a8780cc51b8f0a32d8094976fb858
ca4fff3b81a1dd54550cd75331dfc40df22eed7974879fbedbcefc56f512578b
ca776816920a0faa88aa54be0deb5c0e39896233866f4104836eede8f257cb09
cbf1281dcf2b64d28c0cc90b38935f2ddc21bffa93fdc00f8423007a8ff2b687
ccca522b7af15fd5e1b010810a262c7ae84c6151735bf8b371af5b6501357004
cd15838c66b98228837e3d6ec037d0f04fd4014b9ec7bbefae6e0fea52350dc5
ce17e3b628441f5b4d804cbf5c12b57456166492bbaa9395a7ad6b75d03a34ac
ce61b415c51a5e47958973f551bb96536d21c94e509c54566f4acb07b9049b05
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d0fee12d4c721b10d3123d4b054feff17ce13acb37a95e4de4c70b5a4c892f2f
d322f1f4d60227692b85d713e00403235d0287ee4c2963010eaba969b9f81f4d
d425d7b0f4a017086696d307572cd8e0a3b8e89797a52d4b638d53fcefebbfea
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d6b499335edc1ecb50766973ae4f75a30ed2b4aaa9dcebafc48f91752e4b0f9c
db57910557cd7701310fbc58b1dc943b4d1df44610b6e3c5a22d51d44bb169e3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e1ee67b0ed8e91c5abe22d3391f9fb36dd6a130164aa14cf69c496883fac4ef6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
eb5656bda64374e6e58e7e6be2578580fe8b0e50c474762566948a520c0df637
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35f6616aa2148b09cbdefd3aec6d3d3e94b83327346ef0d5cdac2e3b6537526
f5e848c7e4540313da4a87963317f576f042ab3b4c632d3a7443dc09fe27fd68
f921188799ce28d29bc322d669e1931e5e883b531b534426a5914a99b5299147
f9c46ea386435da413e3f5e673e63135fdc1aab15a76b818f663e0529d6997f8
fe812ec7ae525972cd2b9ba86e97393e2fc3722054f72ed57aedc6689b1a6adc
feb1c601802204491bbda3914d907f5160e2505eaba5b10aebcbb18ce96bfcdb

newerafin.site Open in urlscan Pro 179.43.160.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

279 Requests

98 %HTTPS

48 %IPv6

50 Domains

74 Subdomains

61 IPs

11 Countries

4572 kBTransfer

11384 kBSize

5 Cookies

233 Outgoing links

Page URL History

Redirected requests

279 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newerafin.site Open in urlscan Pro
179.43.160.52 Public Scan

Screenshot
Live screenshot

Full Image

279
Requests

98 %
HTTPS

48 %
IPv6

50
Domains

74
Subdomains

61
IPs

11
Countries

4572 kB
Transfer

11384 kB
Size

5
Cookies

279 HTTP transactions
9 data transactions