mainnews.us Open in urlscan Pro
207.246.97.180 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apps2.xendsys.com/index.php/campaigns/jv248sx5oxb72/track-url/vk0466ftelff8/0f8148354b4a4021b463bbbb8b422f92ab6cf6f1
Effective URL:
https://mainnews.us/contact/
Submission: On November 14 via api (November 14th 2022, 11:20:41 pm UTC) from SG — Scanned from DE

Summary HTTP 153 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 16 domains to perform 153 HTTP transactions. The main IP is 207.246.97.180, located in Los Angeles, United States and belongs to AS-CHOOPA, US. The main domain is mainnews.us.
TLS certificate: Issued by R3 on October 17th 2022. Valid for: 3 months.

This is the only time mainnews.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	88.198.33.229 88.198.33.229	24940 (HETZNER-AS) (HETZNER-AS)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
61	207.246.97.180 207.246.97.180	20473 (AS-CHOOPA) (AS-CHOOPA)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
14	54.235.194.113 54.235.194.113	14618 (AMAZON-AES) (AMAZON-AES)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2604:a880:4:1... 2604:a880:4:1d0::4cf:c000	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	50.19.60.226 50.19.60.226	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4007:82c::2003	15169 (GOOGLE) (GOOGLE)
153	21

1 88.198.33.229 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-33-229.clients.your-server.de

apps2.xendsys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 207.246.97.180 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 207.246.97.180.vultrusercontent.com

mainnews.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.235.194.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: droptrim.com

www.droptrim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:a880:4:1d0::4cf:c000 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

moderate1.cleantalk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.60.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-60-226.compute-1.amazonaws.com

geo.wpforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4007:82c::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	mainnews.us mainnews.us	706 KB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	353 KB
15	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1952 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	48 KB
14	droptrim.com www.droptrim.com — Cisco Umbrella Rank: 688454	32 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	98 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	117 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 2536	21 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	5 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	95 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	108 KB
1	wpforms.com geo.wpforms.com — Cisco Umbrella Rank: 85700	710 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8709	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	694 B
1	cleantalk.org moderate1.cleantalk.org — Cisco Umbrella Rank: 109747	364 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5383	230 B
1	xendsys.com 1 redirects apps2.xendsys.com	290 B
153	16

	Domain	Requested by
61	mainnews.us	mainnews.us
14	www.droptrim.com	mainnews.us www.droptrim.com
12	pagead2.googlesyndication.com	mainnews.us pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	fundingchoicesmessages.google.com	mainnews.us
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	mainnews.us googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com mainnews.us
3	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
2	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.googletagmanager.com	mainnews.us www.googletagmanager.com
1	geo.wpforms.com	mainnews.us
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	moderate1.cleantalk.org	mainnews.us
1	bit.ly	1 redirects
1	apps2.xendsys.com	1 redirects
153	23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
joinbox.today

Subject Issuer	Validity	Valid
mainnews.us R3	`2022-10-17` - `2023-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
droptrim.com R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.cleantalk.org Sectigo RSA Domain Validation Secure Server CA	`2022-09-12` - `2023-09-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
geo.wpforms.com Go Daddy Secure Certificate Authority - G2	`2022-07-08` - `2023-08-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://mainnews.us/contact/
Frame ID: B1FA1D7853487F6C5F55FB207F25C1C8
Requests: 108 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 8AC5DC1CD739DEAE7851286146BC0076
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&adk=1812271804&adf=3025194257&lmt=1668442755&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034397&bpp=4&bdt=798&idt=162&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1232439954974&rume=1&frm=20&pv=2&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240
Frame ID: C126825B79225397038DDD0984D46788
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15
Frame ID: 0276FFEFA441D5BF4ADBF4A00A745065
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1241852481&adf=2062364780&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034716&bpp=1&bdt=1116&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IT3SnAHwu6&p=https%3A//mainnews.us&dtd=4
Frame ID: B96F5E37CD16308CAC3B96DE6302002C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DDB15C4477F73507267199C20630BF53
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 094126137211A95D122934D06D0DE87B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 2283381FDF4BB21E9B4D28CF311D4D4C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8B84FA73B3E262D02C1E3E88418B4290
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E6EEE61F79E23749D68C920223BDC9A5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contact | U.S Main News

Page URL History Show full URLs

https://apps2.xendsys.com/index.php/campaigns/jv248sx5oxb72/track-url/vk0466ftelff8/0f8148354b4a4021b4... HTTP 301
https://bit.ly/Contact-US-Main-News HTTP 301
https://mainnews.us/contact/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

153
Requests

100 %
HTTPS

77 %
IPv6

16
Domains

23
Subdomains

21
IPs

3
Countries

1587 kB
Transfer

5354 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/usmainnews

Search URL Search Domain Scan URL

URL: https://twitter.com/US_Main_News

Search URL Search Domain Scan URL

URL: https://joinbox.today/landing/6007343eea75320001ecbc3d/6339222dd63f4a00017c4eca
Title: SUBSCRIBE NEWSLETTERS

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://apps2.xendsys.com/index.php/campaigns/jv248sx5oxb72/track-url/vk0466ftelff8/0f8148354b4a4021b463bbbb8b422f92ab6cf6f1 HTTP 301
https://bit.ly/Contact-US-Main-News HTTP 301
https://mainnews.us/contact/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

153 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mainnews.us/contact/
Redirect Chain

https://apps2.xendsys.com/index.php/campaigns/jv248sx5oxb72/track-url/vk0466ftelff8/0f8148354b4a4021b463bbbb8b422f92ab6cf6f1
https://bit.ly/Contact-US-Main-News
https://mainnews.us/contact/

162 KB
34 KB

712ms
338ms

Document
text/html

207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 2f5d62e8728c5492ee70f9e9c35858ecb1993569eb5a5b2e349a00fc123c831b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10852
cache-control: max-age=0
cache-provider: CLOUDWAYS-CACHE-DE
content-encoding: gzip
content-length: 34071
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 23:20:33 GMT
expires: Mon, 14 Nov 2022 20:19:40 GMT
last-modified: Mon, 14 Nov 2022 16:19:15 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 115
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 23:20:32 GMT
location: https://mainnews.us/contact/
server: nginx
via: 1.1 google

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 89ms
36ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-233292510-1

Requested by

Host: mainnews.us
URL: https://mainnews.us/contact/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef17fc912866f1d8a5bf16191e8c8278ca4d40468e48556bf326bd7fcf8673fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43680
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 22:32:10 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Nov 2022 23:20:33 GMT

GET
H2 200 style.min.css
mainnews.us/wp-includes/css/dist/block-library/ 93 KB
12 KB 195ms
189ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-includes/css/dist/block-library/style.min.css?ver=6.1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 03:50:38 GMT
server: nginx
etag: W/"6361e90e-17265"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 classic-themes.min.css
mainnews.us/wp-includes/css/ 217 B
348 B 195ms
190ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 03:50:38 GMT
server: nginx
etag: W/"6361e90e-d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 cleantalk-public.min.css
mainnews.us/wp-content/plugins/cleantalk-spam-protect/css/ 591 B
495 B 202ms
196ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=5.188
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 22e1d4ca8e3b35d99f52810f28e11145a323dd0e849caea9ae81f34e19adcb65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 02:21:33 GMT
server: nginx
etag: W/"636325ad-24f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 84ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400&display=swap&ver=6.1

Requested by

Host: mainnews.us
URL: https://mainnews.us/contact/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

710eaf5de9e92f3e678aaa8c5789dc4fd9a7537ba964c94041f28f415f6adc7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 21:27:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 23:20:33 GMT

GET
H2 200 wpforms-full.min.css
mainnews.us/wp-content/plugins/wpforms/assets/css/ 40 KB
6 KB 217ms
212ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/css/wpforms-full.min.css?ver=1.7.7.2
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 255461391b6771e7dc6c882281d511840dadb05a17e8488fb9cdb7c470f3966f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:44 GMT
server: nginx
etag: W/"634c7444-9ffd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 88ms
34ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=8.2.8

Requested by

Host: mainnews.us
URL: https://mainnews.us/contact/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b253ef3fe01bdd1dbcf682caf6954cbf64877cf67955b085f18fd896809d7e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:20:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 23:20:33 GMT

GET
H2 200 main.css
mainnews.us/wp-content/themes/soledad/ 1 MB
135 KB 259ms
253ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/main.css?ver=8.2.8
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 5e94a3a8b9b7aee447df06f08ca5ddbf00f3e3d52d3112af6726ee8a69299637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-116f73"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.4.7.0.swap.min.css
mainnews.us/wp-content/themes/soledad/css/ 30 KB
7 KB 518ms
513ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css?ver=4.7.0
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 582c413cbd7988d2047f667ccda947fcb5b1df3505ff0506fe9fd90188236b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-793f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 penci-icon.css
mainnews.us/wp-content/themes/soledad/css/ 6 KB
1 KB 519ms
514ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/css/penci-icon.css?ver=8.2.8
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: e10fd00a2b96373b8b2eb67e8826be0c9e9b84b285d83a63c85037277fca8c1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-1845"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.css
mainnews.us/wp-content/themes/soledad/ 698 B
600 B 519ms
514ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/style.css?ver=8.2.8
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 9e3f3086eed70349e0bff17948927d693d5e3127f49ae823a5d7a820fcd02e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-2ba"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 social-counter.css
mainnews.us/wp-content/themes/soledad/css/ 4 KB
971 B 519ms
515ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/css/social-counter.css?ver=8.2.8
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: e5847f348a4a136d00816c7b18e42cd0f67b762057cb00a3e404abf6dc5268c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-110e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 frontend-lite.min.css
mainnews.us/wp-content/plugins/elementor/assets/css/ 101 KB
13 KB 519ms
515ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 68dc20b37b0b7071711805588742ddad6cc6aaac49f319148fb78a648baeaa60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:51:22 GMT
server: nginx
etag: W/"6371127a-19538"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 post-9.css
mainnews.us/wp-content/uploads/elementor/css/ 1 KB
516 B 520ms
515ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/uploads/elementor/css/post-9.css?ver=1668354727
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 96c4039641b29e4adb7d3701b67df4fa7972b174e9241ded98b0611ba7f535f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:52:07 GMT
server: nginx
etag: W/"637112a7-44b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 global.css
mainnews.us/wp-content/uploads/elementor/css/ 9 KB
995 B 520ms
516ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/uploads/elementor/css/global.css?ver=1668354727
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 7b64a84c219d901e94b497f2374a5eabfa89a26b3c2891c774979dea81bb66d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:52:07 GMT
server: nginx
etag: W/"637112a7-2503"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 post-16.css
mainnews.us/wp-content/uploads/elementor/css/ 2 KB
665 B 520ms
516ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/uploads/elementor/css/post-16.css?ver=1668363873
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 51e96c923e6df4a1a64113bcc8c2a7636c36848b8b7cd9ea3a379cb19548d213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 18:24:33 GMT
server: nginx
etag: W/"63713661-862"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 post-1420.css
mainnews.us/wp-content/uploads/elementor/css/ 8 KB
1 KB 521ms
517ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/uploads/elementor/css/post-1420.css?ver=1668354727
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: b170ab2f002233aac70a0afb9fac94cf43ab5bb260cd966f399580c7bdfa105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:52:07 GMT
server: nginx
etag: W/"637112a7-21f3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 recipe.css
mainnews.us/wp-content/plugins/penci-recipe/css/ 22 KB
4 KB 521ms
517ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/penci-recipe/css/recipe.css?ver=3.3
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 834619f071e37fd4b396c70c32c74d00f2b7e92f8c1839b7e09093157784d64c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:41 GMT
server: nginx
etag: W/"634c7441-5962"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 42 KB
2 KB 85ms
33ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1

Requested by

Host: mainnews.us
URL: https://mainnews.us/contact/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5dfdf00359b7743919a732ae8eb80536ff206faaf16a99fcdd3f967aca1f81e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:20:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 23:20:33 GMT

GET
H2 200 frontend-gtag.min.js Show response
mainnews.us/wp-content/plugins/google-analytics-premium/assets/js/ 12 KB
3 KB 521ms
517ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.10.0
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Mon, 07 Nov 2022 19:38:08 GMT
server: nginx
etag: W/"63695ea0-2e7a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
mainnews.us/wp-includes/js/jquery/ 88 KB
31 KB 521ms
518ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 03:50:38 GMT
server: nginx
etag: W/"6361e90e-15e54"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
mainnews.us/wp-includes/js/jquery/ 11 KB
4 KB 521ms
518ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:43 GMT
server: nginx
etag: W/"634c7443-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 apbct-public-bundle.min.js Show response
mainnews.us/wp-content/plugins/cleantalk-spam-protect/js/ 44 KB
12 KB 521ms
518ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=5.188
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: f12b90d295e63139db9a67d0adaed520b37cae4fadf071c5541c421c021c84d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:33 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 02:21:33 GMT
server: nginx
etag: W/"636325ad-afab"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 pub-4975286303495203 Show response
fundingchoicesmessages.google.com/i/ 110 KB
39 KB 130ms
63ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-4975286303495203?ers=1

Requested by

Host: mainnews.us
URL: https://mainnews.us/contact/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8e1d161afce8b7ce07e094b5597a59b7be4a8eb938aa45b201869956676f6a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g3hH88Fch7eriDYlkwsHqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-g3hH88Fch7eriDYlkwsHqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vhsgotusOnsOLVBQ Show response
www.droptrim.com/pixel/ 73 KB
17 KB 500ms
257ms Script
application/javascript 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel/vhsgotusOnsOLVBQ
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash: 6ac209c96aa9112483b9e62cc6255555b2638bb0d326825d389bb7760dfe7d81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: cache
Date: Mon, 14 Nov 2022 23:20:34 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type: application/javascript
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 16327
Expires: Mon, 14 Nov 2022 23:20:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
55 KB 117ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4975286303495203

Requested by

Host: mainnews.us
URL: https://mainnews.us/contact/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7835dce12be04d159745cef8e699c59ecc7cc29efaa19900c0adf36ac0e69f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
Origin: https://mainnews.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55495
x-xss-protection: 0
server: cafe
etag: 4714410958713254604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 23:20:34 GMT

GET
H2 200 MainNews-Logo-1.png
mainnews.us/wp-content/uploads/2022/10/ 2 KB
2 KB 381ms
377ms Image
image/png 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mainnews.us/wp-content/uploads/2022/10/MainNews-Logo-1.png
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: bb687b459083ae32bf76364ba91570b898e31c2ae06ca058a28a294288216ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
last-modified: Sun, 16 Oct 2022 21:08:30 GMT
server: nginx
etag: "634c72ce-64e"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1614

GET
H2 200 submit-spin.svg
mainnews.us/wp-content/plugins/wpforms/assets/images/ 509 B
506 B 381ms
377ms Image
image/svg+xml 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/images/submit-spin.svg
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 7ffd6ec4d1b1980400d8cc710d2edd0fb7833e2c83262f8401247043ca258149

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:45 GMT
server: nginx
etag: W/"634c7445-1fd"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000

GET
H2 200 Mian-News-Logo.png
mainnews.us/wp-content/uploads/2021/11/ 3 KB
3 KB 381ms
378ms Image
image/png 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mainnews.us/wp-content/uploads/2021/11/Mian-News-Logo.png
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 15fbc37b143fcd68af84ba0672fec28552104ba8da1e4be39541ecb9458d496b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
last-modified: Sun, 16 Oct 2022 21:09:02 GMT
server: nginx
etag: "634c72ee-a53"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2643

GET
H2 200 widget-icon-list.min.css
mainnews.us/wp-content/plugins/elementor/assets/css/ 11 KB
1 KB 170ms
170ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: ca64cc8b00bd9235466fbc6a2c84877714af3720d7dd78cf070f4cd7d82dec17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:51:22 GMT
server: nginx
etag: W/"6371127a-2dff"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H/1.1 200
OK e24dc0fd19cd69ea1a8dde634d26b5a8.gif
moderate1.cleantalk.org/pixel/ 43 B
364 B 551ms
174ms Image
image/gif 2604:a880:4:1d0::4cf:c000
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moderate1.cleantalk.org/pixel/e24dc0fd19cd69ea1a8dde634d26b5a8.gif

Requested by

Host: mainnews.us
URL: https://mainnews.us/contact/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2604:a880:4:1d0::4cf:c000 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:20:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 animations.min.css
mainnews.us/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 171ms
171ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:51:22 GMT
server: nginx
etag: W/"6371127a-4824"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 intl-tel-input.min.css
mainnews.us/wp-content/plugins/wpforms/assets/pro/css/fields/phone/ 79 KB
7 KB 179ms
171ms Stylesheet
text/css 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/pro/css/fields/phone/intl-tel-input.min.css?ver=17.0.17
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: f94b28d0dafc3943e6cc6dae6756a1b1551c63b12bdbfe2be65d24a64f89c940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:48 GMT
server: nginx
etag: W/"634c7448-13a43"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 jquery.easypiechart.min.js Show response
mainnews.us/wp-content/plugins/penci-review/js/ 4 KB
2 KB 179ms
172ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/penci-review/js/jquery.easypiechart.min.js?ver=1.0
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:43 GMT
server: nginx
etag: W/"634c7443-f96"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 review.js Show response
mainnews.us/wp-content/plugins/penci-review/js/ 789 B
533 B 180ms
172ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/penci-review/js/review.js?ver=1.0
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 26b5a9446c18da1563178cd30d379a3b569420d1ab17f8f8282430de8b8482b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:41 GMT
server: nginx
etag: W/"634c7441-315"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 play.js Show response
mainnews.us/wp-content/plugins/penci-shortcodes/assets/ 415 B
453 B 181ms
173ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/penci-shortcodes/assets/play.js?ver=5.3
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 1f85dab3cd1a342bf26134fd9c422cd3bee58230c8c3fbad9b035d2ac02c8175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:43 GMT
server: nginx
etag: W/"634c7443-19f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 penci-lazy.js Show response
mainnews.us/wp-content/themes/soledad/js/ 9 KB
3 KB 181ms
173ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/js/penci-lazy.js?ver=8.2.8
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 6671249683f30cbeaf1362a61f8793660a1ea97751cc7f4a614f585fa41b9d91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-228f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 libs-script.min.js Show response
mainnews.us/wp-content/themes/soledad/js/ 165 KB
45 KB 189ms
182ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/js/libs-script.min.js?ver=8.2.8
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 7707208a1c71243cb764c0a95bc41ce8b0d2a316d2d01b3b9678b2560cdb06d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-29331"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 main.js Show response
mainnews.us/wp-content/themes/soledad/js/ 93 KB
15 KB 207ms
200ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/js/main.js?ver=8.2.8
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 2ac6574404f8332cae71e40a3b4ab642b8e71ef4c56a1e9684394656e2472a55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-1759e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 post-like.js Show response
mainnews.us/wp-content/themes/soledad/js/ 1 KB
635 B 208ms
201ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/js/post-like.js?ver=8.2.8
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-459"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 archive-more-post.js Show response
mainnews.us/wp-content/themes/soledad/js/ 8 KB
2 KB 332ms
326ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/js/archive-more-post.js?ver=8.2.8
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: d2420602ab8ccfe6007950965aade5665ae47f64af257146d8df0f6892c18454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-21c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 comment-reply.min.js Show response
mainnews.us/wp-includes/js/ 3 KB
1 KB 333ms
326ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-includes/js/comment-reply.min.js?ver=6.1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:43 GMT
server: nginx
etag: W/"634c7443-ba5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 penci-header-builder.js Show response
mainnews.us/wp-content/themes/soledad/inc/builder/assets/js/ 4 KB
1 KB 333ms
327ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/inc/builder/assets/js/penci-header-builder.js?ver=8.2.8
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: d77f34e949801d83dc82c9272f0496bf9ea3d69b3d74b8e3209e706cda968c08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: W/"635b49e1-1006"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery.rateyo.min.js Show response
mainnews.us/wp-content/plugins/penci-recipe/js/ 9 KB
4 KB 334ms
328ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/penci-recipe/js/jquery.rateyo.min.js?ver=3.3
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: b5d02f2185ebaa449c168561a1900a1540c68aee0241feadb3c75a545900fff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:41 GMT
server: nginx
etag: W/"634c7441-23c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 rating_recipe.js Show response
mainnews.us/wp-content/plugins/penci-recipe/js/ 1 KB
693 B 335ms
328ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/penci-recipe/js/rating_recipe.js?ver=3.3
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: e7a9aaef125713e5b57733e89b419b2dc7145efb1301fadc6eb312f21fbe0838

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:42 GMT
server: nginx
etag: W/"634c7442-4cc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 penci-portfolio.js Show response
mainnews.us/wp-content/plugins/penci-portfolio/js/ 1 KB
605 B 335ms
329ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/penci-portfolio/js/penci-portfolio.js?ver=1.0
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 32e092aeb78ab1755b68404b12f3e60807633957e2847d89793a57cf123d3668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:42 GMT
server: nginx
etag: W/"634c7442-4b0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 webpack.runtime.min.js Show response
mainnews.us/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 336ms
330ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:51:22 GMT
server: nginx
etag: W/"6371127a-135d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 frontend-modules.min.js Show response
mainnews.us/wp-content/plugins/elementor/assets/js/ 32 KB
11 KB 342ms
336ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:51:22 GMT
server: nginx
etag: W/"6371127a-80b3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 waypoints.min.js Show response
mainnews.us/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 343ms
337ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:51:22 GMT
server: nginx
etag: W/"6371127a-2fa6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 core.min.js Show response
mainnews.us/wp-includes/js/jquery/ui/ 21 KB
7 KB 347ms
341ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 03:50:38 GMT
server: nginx
etag: W/"6361e90e-53c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
mainnews.us/wp-content/plugins/elementor/assets/js/ 40 KB
12 KB 350ms
345ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:51:22 GMT
server: nginx
etag: W/"6371127a-9e41"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 underscore.min.js Show response
mainnews.us/wp-includes/js/ 18 KB
7 KB 353ms
348ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 03:50:38 GMT
server: nginx
etag: W/"6361e90e-4991"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 wp-util.min.js Show response
mainnews.us/wp-includes/js/ 1 KB
926 B 354ms
349ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-includes/js/wp-util.min.js?ver=6.1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 03:50:38 GMT
server: nginx
etag: W/"6361e90e-592"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
mainnews.us/wp-content/plugins/wpforms/assets/js/integrations/elementor/ 754 B
544 B 355ms
350ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/js/integrations/elementor/frontend.min.js?ver=1.7.7.2
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:48 GMT
server: nginx
etag: W/"634c7448-2f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery.intl-tel-input.min.js Show response
mainnews.us/wp-content/plugins/wpforms/assets/pro/lib/intl-tel-input/ 29 KB
11 KB 359ms
354ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/pro/lib/intl-tel-input/jquery.intl-tel-input.min.js?ver=17.0.17
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 2d925a37e23eb27529f5a78e149a75a3c6e13e29e2e9e13c3baee01816c260c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:47 GMT
server: nginx
etag: W/"634c7447-750b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery.validate.min.js Show response
mainnews.us/wp-content/plugins/wpforms/assets/lib/ 24 KB
8 KB 363ms
358ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/lib/jquery.validate.min.js?ver=1.19.5
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 2f4cfbbc8e5ec834092f3e40158b5a1b1551fb0b8e5bb9894335bac7b49f913a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:45 GMT
server: nginx
etag: W/"634c7445-601a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery.inputmask.min.js Show response
mainnews.us/wp-content/plugins/wpforms/assets/lib/ 94 KB
28 KB 370ms
365ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/lib/jquery.inputmask.min.js?ver=5.0.7-beta.29
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: c35de839bf714c1ae5ff01f24453ba7293d36427f10f8c296a9046ba34eded39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:44 GMT
server: nginx
etag: W/"634c7444-179df"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 mailcheck.min.js Show response
mainnews.us/wp-content/plugins/wpforms/assets/lib/ 4 KB
2 KB 376ms
371ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/lib/mailcheck.min.js?ver=1.1.2
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:44 GMT
server: nginx
etag: W/"634c7444-fae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 punycode.min.js Show response
mainnews.us/wp-content/plugins/wpforms/assets/lib/ 2 KB
1 KB 376ms
372ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/lib/punycode.min.js?ver=1.0.0
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:45 GMT
server: nginx
etag: W/"634c7445-6b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 utils.min.js Show response
mainnews.us/wp-content/plugins/wpforms/assets/js/ 174 B
319 B 377ms
372ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/js/utils.min.js?ver=1.7.7.2
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 499999d720ab71bdffc4e0115b8b05e1d5997f12e482426546a58a00edd77f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:45 GMT
server: nginx
etag: W/"634c7445-ae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 wpforms.min.js Show response
mainnews.us/wp-content/plugins/wpforms/assets/js/ 32 KB
10 KB 380ms
376ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/js/wpforms.min.js?ver=1.7.7.2
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: ef158567919a5eb4c76c8c434a00ab26099be4c37f176ae62944d6d4b26292a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:44 GMT
server: nginx
etag: W/"634c7444-7e09"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 wp-emoji-release.min.js Show response
mainnews.us/wp-includes/js/ 18 KB
5 KB 383ms
380ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-includes/js/wp-emoji-release.min.js?ver=6.1
Requested by: Host: mainnews.us
URL: https://mainnews.us/contact/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:42 GMT
server: nginx
etag: W/"634c7442-48b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 78ms
22ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-233292510-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 280
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 15 Nov 2022 01:15:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 43ms
40ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8BM2NHQH5D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-233292510-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

351b060630b82af10b1104fbb4cb8305ac19d31e7e5a883033f7b09f18520d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66648
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 23:20:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 80ms
27ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=8.2.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mainnews.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 324665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 05:09:29 GMT

GET
H2 200 penciicon.ttf
mainnews.us/wp-content/themes/soledad/fonts/ 33 KB
33 KB 354ms
354ms Font
application/octet-stream 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/fonts/penciicon.ttf
Requested by: Host: mainnews.us
URL: https://mainnews.us/wp-content/themes/soledad/css/penci-icon.css?ver=8.2.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576

Request headers

Referer: https://mainnews.us/wp-content/themes/soledad/css/penci-icon.css?ver=8.2.8
Origin: https://mainnews.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: "635b49e1-8370"
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 33648

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 81ms
28ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mainnews.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 295541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 13:14:53 GMT

GET
H2 200 fontawesome-webfont.woff2
mainnews.us/wp-content/themes/soledad/fonts/ 75 KB
76 KB 357ms
357ms Font
application/font-woff2 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: mainnews.us
URL: https://mainnews.us/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://mainnews.us/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css?ver=4.7.0
Origin: https://mainnews.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
last-modified: Fri, 28 Oct 2022 03:17:53 GMT
server: nginx
etag: "635b49e1-12d68"
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 77160

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 78ms
27ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 22:20:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 14 Nov 2022 23:20:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 85ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8BM2NHQH5D&gtm=2oeb90&_p=2122621651&gdid=dZGIzZG.dZTNiMT&cid=1636432863.1668468034&ul=en-us&sr=1600x1200&_s=1&sid=1668468034&sct=1&seg=0&dl=https%3A%2F%2Fmainnews.us%2Fcontact%2F&dt=Contact%20%7C%20U.S%20Main%20News&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8BM2NHQH5D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:20:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mainnews.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 97ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4975286303495203&plah=mainnews.us&bust=31070923

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4975286303495203

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c6269d98660443db9f9578af480b83a1c511c5a3a24602492fec3fd3dde2b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 15994130142540813998
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 23:20:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 8AC5 10 KB
5 KB 89ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4975286303495203

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 21:57:40 GMT
etag: 10353107486223812946
expires: Mon, 28 Nov 2022 21:57:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxXsaDuwbijmvDjUIDDA0ozzI8lbzuJLtfwZMFDmS7FiZXFR6Oa7vh23xNINRXrxqGL49xtAkPvw6FZT0bMY7ds= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 122ms
77ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXsaDuwbijmvDjUIDDA0ozzI8lbzuJLtfwZMFDmS7FiZXFR6Oa7vh23xNINRXrxqGL49xtAkPvw6FZT0bMY7ds=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY4NDY4MDM0LDQ1MjAwMDAwMF0sIjEyMTFGQThGLTQ4OTEtNEU5Ny1BMkExLTg2MTc2RkM0MzM0MCIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly9tYWlubmV3cy51cy9jb250YWN0LyIsbnVsbCxbWzgsImNLWkhJbHUxclFFIl0sWzksImRlIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.cKZHIlu1rQE.es5.O/d=1/rs=AJlcJMyOmvqyUxfM1TqRv0beWqoocDHbGw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b68417fef759c8bd12f27b97cb36d5c3314ad94a9307d3d640b884d25e9e7618

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vzpBX7LugEMBIvDYJHBDZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-vzpBX7LugEMBIvDYJHBDZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b43e7516a3b6d3dad2f2aa6e74743ca94e8c7f327505d696c94e8ba79972985f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 67ms
24ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mainnews.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 443409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 20:10:25 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 30ms
29ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2122621651&t=pageview&_s=1&dl=https%3A%2F%2Fmainnews.us%2Fcontact%2F&ul=en-us&de=UTF-8&dt=Contact%20%7C%20U.S%20Main%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAACAAI~&jid=1065013515&gjid=903073571&cid=1636432863.1668468034&tid=UA-233292510-1&_gid=1965668284.1668468034&_r=1&gtm=2oub90&did=dZGIzZG&gdid=dZGIzZG&z=1921181495

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:20:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mainnews.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=2122621651&t=pageview&_s=1&dl=https%3A%2F%2Fmainnews.us%2Fcontact%2F&ul=en-us&de=UTF-8&dt=Contact%20%7C%20U.S%20Main%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUIhBAAAACAAI~&jid=&gjid=&cid=1636432863.1668468034&tid=UA-233292510-1&_gid=1965668284.1668468034&gtm=2oub90&did=dZGIzZG%2CdZTNiMT&gdid=dZGIzZG.dZTNiMT&z=487372091

Requested by

Host: mainnews.us
URL: https://mainnews.us/contact/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 15:06:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29655
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ 55 KB
21 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4975286303495203&plah=mainnews.us&bust=31070923

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

945b3fb4d4f9036f7fcc9ff1d3f7c38c911ed4048446e49556a55dd957c982b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 11:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21300
x-xss-protection: 0
server: cafe
etag: 10372875706270616980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 11:29:13 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
694 B 101ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mainnews.us&callback=_gfp_s_&client=ca-pub-4975286303495203&gpid_exp=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

391544c91fc7d42342bf4c020dd280a2743964992bc8eb5f642dc160595ff78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 86ms
32ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mainnews.us

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 81ms
31ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mainnews.us

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C126 0
19 B 174ms
124ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&adk=1812271804&adf=3025194257&lmt=1668442755&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034397&bpp=4&bdt=798&idt=162&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1232439954974&rume=1&frm=20&pv=2&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:20:34 GMT
expires: Mon, 14 Nov 2022 23:20:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0276 94 KB
33 KB 726ms
725ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2d96062a0686d81df42977c967371c8e5f6cbad438bd385df245a5f52c2f4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33410
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:20:35 GMT
expires: Mon, 14 Nov 2022 23:20:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B96F 97 KB
34 KB 697ms
696ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1241852481&adf=2062364780&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034716&bpp=1&bdt=1116&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IT3SnAHwu6&p=https%3A//mainnews.us&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03c389054a74d50cb6bdcca5f5419adb6d51f5f7364f9b80dfe37b036b686623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34336
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:20:35 GMT
expires: Mon, 14 Nov 2022 23:20:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 alt_sessions Show response
mainnews.us/wp-json/cleantalk-antispam/v1/ 16 B
439 B 387ms
387ms XHR
application/json 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://mainnews.us/wp-json/cleantalk-antispam/v1/alt_sessions

Requested by

Host: mainnews.us
URL: https://mainnews.us/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=5.188

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

207.246.97.180.vultrusercontent.com

Software

nginx /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mainnews.us/contact/
accept-language: de-DE,de;q=0.9
X-WP-Nonce: acda6df9ce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBLvEKwUTEo5KwuVb

Response headers

date: Mon, 14 Nov 2022 23:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=0
x-robots-tag: noindex
link: <https://mainnews.us/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce: acda6df9ce
expires: Mon, 14 Nov 2022 23:20:34 GMT

GET
H2 200 json Show response
geo.wpforms.com/v3/geolocate/ 467 B
710 B 355ms
116ms XHR
application/json 50.19.60.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.wpforms.com/v3/geolocate/json
Requested by: Host: mainnews.us
URL: https://mainnews.us/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.60.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-60-226.compute-1.amazonaws.com
Software: Pagely Gateway/1.5.1 /
Resource Hash: eac98e7da4ea2a477e741eb800f4321aae98b8f09051589a6e7aa74a08760ad6

Request headers

Accept: */*
Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:29 GMT
x-user-agent: standard--
x-cache-config: 0 0
server: Pagely Gateway/1.5.1
x-cache-status: BYPASS
x-ratelimit-remaining: 999
content-type: application/json
access-control-allow-origin: *
x-ratelimit-reset: 1668468089
x-ratelimit-limit: 1000
x-pagely-debug: mainblock
content-length: 467

GET
H2 200 intl-tel-input-flags.png
mainnews.us/wp-content/plugins/wpforms/assets/pro/images/vendor/ 69 KB
69 KB 175ms
174ms Image
image/png 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/pro/images/vendor/intl-tel-input-flags.png
Requested by: Host: mainnews.us
URL: https://mainnews.us/wp-content/plugins/wpforms/assets/pro/css/fields/phone/intl-tel-input.min.css?ver=17.0.17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/wp-content/plugins/wpforms/assets/pro/css/fields/phone/intl-tel-input.min.css?ver=17.0.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
last-modified: Sun, 16 Oct 2022 21:14:47 GMT
server: nginx
etag: "634c7447-114c9"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 70857

GET
H2 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
mainnews.us/wp-content/plugins/elementor/assets/js/ 1 KB
835 B 178ms
178ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: mainnews.us
URL: https://mainnews.us/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 4a518bd1723da2b6011895ad68059361ebb4cb80de3eec9145eacee89ddd9745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:34 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 15:51:22 GMT
server: nginx
etag: W/"6371127a-54f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H/1.1 200
OK stacktrace.min.js Show response
www.droptrim.com/assets/js/ 30 KB
10 KB 115ms
115ms Script
application/javascript 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/assets/js/stacktrace.min.js
Requested by: Host: www.droptrim.com
URL: https://www.droptrim.com/pixel/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7014c257b8d425fafe16091833d0a2e07d8466ab341c6d1ddde3c342fe208951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 23:20:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jan 2021 07:28:46 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "79c2-5b927ac1d0780-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 9530

POST
H/1.1 200
OK vhsgotusOnsOLVBQ Show response
www.droptrim.com/pixel-track/ 0
977 B 175ms
175ms XHR
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Requested by: Host: www.droptrim.com
URL: https://www.droptrim.com/pixel/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:20:35 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT, GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H/1.1 200
OK vhsgotusOnsOLVBQ
www.droptrim.com/pixel-track/ Frame 0
0 365ms
134ms Preflight
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mainnews.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true true
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT GET,POST,OPTIONS,PUT,DELETE,PATCH
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 23:20:35 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34

OPTIONS
H/1.1 200
OK vhsgotusOnsOLVBQ
www.droptrim.com/pixel-track/ Frame 0
0 136ms
136ms Preflight
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mainnews.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true true
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT GET,POST,OPTIONS,PUT,DELETE,PATCH
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 23:20:35 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34

OPTIONS
H/1.1 200
OK vhsgotusOnsOLVBQ
www.droptrim.com/pixel-track/ Frame 0
0 270ms
134ms Preflight
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mainnews.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true true
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT GET,POST,OPTIONS,PUT,DELETE,PATCH
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 23:20:35 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34

POST
H/1.1 200
OK vhsgotusOnsOLVBQ Show response
www.droptrim.com/pixel-track/ 0
977 B 243ms
151ms XHR
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Requested by: Host: www.droptrim.com
URL: https://www.droptrim.com/pixel/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:20:35 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT, GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK vhsgotusOnsOLVBQ Show response
www.droptrim.com/pixel-track/ 0
977 B 151ms
151ms XHR
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Requested by: Host: www.droptrim.com
URL: https://www.droptrim.com/pixel/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:20:35 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT, GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 92d0eacbdd534f81de4b06016912d49f.js Show response
www.gstatic.com/mysidia/ Frame B96F 9 KB
5 KB 76ms
20ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1241852481&adf=2062364780&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034716&bpp=1&bdt=1116&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IT3SnAHwu6&p=https%3A//mainnews.us&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4142
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 02:40:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 04:03:32 GMT

GET
H2 200 cc1b8d1e1903d75e43ed2b2152915588.js Show response
www.gstatic.com/mysidia/ Frame B96F 18 KB
8 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfde0dff7c17f03aab9949cb2d2e922610484ab4f4be0a3cb3f39ee2d0c9203e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 08:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 00:06:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 08:18:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B96F 6 KB
672 B 75ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 23:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:07:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 23:20:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B96F 2 KB
765 B 70ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 14:50:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 14:50:55 GMT

GET
H2 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame B96F 5 KB
2 KB 80ms
25ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 03:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 03:42:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 03:02:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame B96F 23 KB
10 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 21:11:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B96F 3 KB
1 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 21:46:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B96F 18 KB
7 KB 78ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 15:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 15:54:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B96F 154 KB
48 KB 90ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Nov 2022 23:20:35 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame B96F 34 KB
14 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 08:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 01:22:59 GMT

GET
H2 200 92d0eacbdd534f81de4b06016912d49f.js Show response
www.gstatic.com/mysidia/ Frame 0276 9 KB
4 KB 73ms
28ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4142
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 02:40:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 04:03:32 GMT

GET
H2 200 71e59f4e7c1ff3257428cb688bf08820.js Show response
www.gstatic.com/mysidia/ Frame 0276 10 KB
4 KB 89ms
45ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/71e59f4e7c1ff3257428cb688bf08820.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea25a82fc8550aa425b9bfce9d621f22a15ca6a381c515ce6c7404d17edbc50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 08:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4402
x-xss-protection: 0
last-modified: Sat, 05 Nov 2022 00:06:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 08:18:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0276 8 KB
895 B 66ms
34ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 23:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 22:21:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 23:20:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0276 2 KB
765 B 50ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 14:50:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 14:50:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 0276 23 KB
9 KB 71ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 21:11:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0276 3 KB
1 KB 52ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 21:46:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0276 18 KB
7 KB 89ms
46ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 15:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 15:54:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0276 154 KB
47 KB 111ms
70ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Nov 2022 23:20:35 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 0276 34 KB
14 KB 44ms
25ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 08:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 01:22:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B96F 0
0 69ms
66ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMebfQs1yY9TkLZKLjuwPvva76Av0xdG7Z8vq1_n5CNrZHhABIMPzipIBYJUCoAG89YXgA8gBCagDAcgDywSqBNcBT9CdfzoT16bhzuVEoCqmH-xyl-JtqfcBf05PObVnmxLsZi-pupkn_hwMBR3b8PR-fHg5-U8xrYhc8inojpDjGiwDkhFbnlSAm2wyuKFisLIBW3N9x9TQ7XiXO0YjtAiT8dI3J1U36izkj6-uYchJeYLbAXQPi5rDSs9KUI5cXNdwuDWvuhYKnlrQGPN53WNMvQNRT0cokEgoULngj8dpU4foNia0IwGpTwThaaiEnfwhbKkOUjYOqiz6mWu_glvBTo_qCblbpI0Ox4qwx_t02eg4-BSxwVjABLzQ4fOFApIFBAgEGAGSBQQIBRgEoAYugAesivofqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2sAB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQG0BUBmBYBgBcBshccChoIABIUcHViLTQ5NzUyODYzMDM0OTUyMDMYAA&sigh=IjfZXeJq18k&uach_m=[UACH]&cid=CAQSGwDq26N95Pq9w4FpfJ-l0C9dfzOe5tQY2V8EoxgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1241852481&adf=2062364780&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034716&bpp=1&bdt=1116&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IT3SnAHwu6&p=https%3A//mainnews.us&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Nov 2022 23:20:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Nov 2022 23:20:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0276 0
0 67ms
67ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-uSGQs1yY-2aLYyv3gOjoZ_4CMnbh4BtvoSd6YYM2cz93wUQASDD84qSAWCVAqAB-9iHlQPIAQGpAmbfyUQNe6g-qAMByAPDBKoE1QFP0JpZpIVLAgh67KWzRBnvv7IxFYdulANTI5cLlngQu5yAKa50Xar2MDtIQzMcynwih8h7f31HTIlH8dnbr0cfn5XB9sTUyUmdRHGo04morSHl9QTUPYkfpKZQN9XIHXihe5BJ0lpLUb8UZA5wQe2X2ZYHPSgFFK6OxV-JTBG4Gd0pfbxJeXUW-a-NlO9uqazVjl8dClVefEg7EyubpWtoPwazGdRsSIpRFUHXCkEKnGaYRlZCIxGVDdkoTj9TkCC_BlgkEU9qx8gHlH_9AkiqQly4lqLABPW17PSSA5IFBAgEGAGSBQQIBRgEoAZRgAftpvhqqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ6UHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTc1Mjg2MzAzNDk1MjAzGAA&sigh=nzeM4YbFTJI&uach_m=[UACH]&cid=CAQSGwDq26N9Q7ZCCu48Q6L7wh5o440ocLquibmkVhgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Nov 2022 23:20:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Nov 2022 23:20:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DDB1 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 22:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B96F 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQVRocm9uZQoKCAIqBnNlcnZlcgosCAQqKG15c2lkaWFfYW5hbHl0aWNzLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKDRArIQAAAAAAACJAMAQKDRADIQAAgJmZHYxAMAQKDRANIQAAAAAAAAAAMAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAoQDAECg0QECEAAAAAgOngQDAECg0QESEAAAAAgBPRQDAECg0QEiEAAAAAAAAYQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAIDMzCiPQDAEEhpDTlNObi1UbnJ2c0NGWktGZ3djZFB2c092USIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:20:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DDB1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
38ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:20:35 GMT
expires: Mon, 14 Nov 2022 23:20:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:20:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 38ms
37ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.2635713775993394

Requested by

Host: mainnews.us
URL: https://mainnews.us/contact/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-HBAQ7OyzHbMtwgnLQFg0wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-HBAQ7OyzHbMtwgnLQFg0wQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 73ms
72ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.165528780391548

Requested by

Host: mainnews.us
URL: https://mainnews.us/contact/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-FFmsPd7tDQgV-6P1iqRRYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-FFmsPd7tDQgV-6P1iqRRYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0941 36 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 20:56:07 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame B96F 62 KB
23 KB 86ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1146
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23357
x-xss-protection: 0
server: cafe
etag: 901223051904315509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 00:01:29 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B96F 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQVRocm9uZQoKCAIqBnNlcnZlcgosCAQqKG15c2lkaWFfYW5hbHl0aWNzLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKDRAUIQAAAAAAztRAMAQKDRAVIQAAAAAAACZAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAAAAA7I9AMAQKDRAyIQAAAACYmdk_MAQKDRAzIQAAAACYmdk_MAQKDRA0IQAAAACYmdk_MAQKDRA1IQAAAACYmdk_MAQKDRA2IQAAAACYmdk_MAQKDRA3IQAAAACYmdk_MAQKDRA4IQAAAAAAAPg_MAQKDRA5IQAAAGZmzoVAMAQKDRA6IQAAAAAAMIZAMAQKDRA7IQAAAAAAJI9AMAQKDRA8IQAAAAAAJI9AMAQKDRA9IQAAgJmZKY9AMAQKDRA-IQAAAAAAsI9AMAQKDRA_IQAAAAAAsI9AMAQKDRBAIQAAwMzMBpBAMAQSGkNOU05uLVRucnZzQ0ZaS0Znd2NkUHZzT3ZRIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:20:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW9J1hWfn0BQ6UqPGWLrObAenV-z1bT7qDqcHfpl53UV1B0yCuKI4LuL-VH3C2gIY7aNO8UkPYNNxGO6eU5j7QGPxM7-yDpnlYlyXoCRwyLnEfshQSqHsQA4UOFPm0DY4nDTAr0pg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 89ms
39ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW9J1hWfn0BQ6UqPGWLrObAenV-z1bT7qDqcHfpl53UV1B0yCuKI4LuL-VH3C2gIY7aNO8UkPYNNxGO6eU5j7QGPxM7-yDpnlYlyXoCRwyLnEfshQSqHsQA4UOFPm0DY4nDTAr0pg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OHYywU3QUpwSaOgeEW7pTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 23:20:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OHYywU3QUpwSaOgeEW7pTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mainnews.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 82ms
36ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8de2f34d57738bfa35ec30d4f8e5326ffe32fda1e7f8c93124500f8ba055a327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11028
x-xss-protection: 0

GET
H2 200 jquery.intl-tel-input-utils.min.js Show response
mainnews.us/wp-content/plugins/wpforms/assets/pro/lib/intl-tel-input/ 247 KB
57 KB 179ms
179ms Script
application/javascript 207.246.97.180
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnews.us/wp-content/plugins/wpforms/assets/pro/lib/intl-tel-input/jquery.intl-tel-input-utils.min.js
Requested by: Host: mainnews.us
URL: https://mainnews.us/wp-content/plugins/wpforms/assets/pro/lib/intl-tel-input/jquery.intl-tel-input.min.js?ver=17.0.17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.246.97.180 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.246.97.180.vultrusercontent.com
Software: nginx /
Resource Hash: 50b27114d7c2c7a0165f3b68f18e6ecd85f976abda56e84d7e462a7d2ae4978d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/contact/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:35 GMT
content-encoding: gzip
last-modified: Sun, 16 Oct 2022 21:14:47 GMT
server: nginx
etag: W/"634c7447-3dc8a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2283 36 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 20:56:07 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 0276 62 KB
23 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4975286303495203&output=html&h=600&slotname=1674806724&adk=1142252154&adf=3325007952&pi=t.ma~as.1674806724&w=160&lmt=1668442755&format=160x600&url=https%3A%2F%2Fmainnews.us%2Fcontact%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668468034698&bpp=8&bdt=1099&idt=8&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1232439954974&rume=1&frm=20&pv=1&ga_vid=1636432863.1668468034&ga_sid=1668468035&ga_hid=2122621651&ga_fc=1&ga_cid=1965668284.1668468034&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&oid=2&pvsid=3623171978390649&tmod=820620704&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J4gJPtP64Y&p=https%3A//mainnews.us&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1146
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23357
x-xss-protection: 0
server: cafe
etag: 901223051904315509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 00:01:29 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B96F 0
54 B 1144ms
393ms Ping
image/gif 2404:6800:4007:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lahesfuf&chm=1&ctx=2&gqid=Qs1yY7b2LJqF9u8PruiEkAo&qqid=CNSNn-TnrvsCFZKFgwcdPvsOvQ&met.4=fb.mt~lb.p9~ol.si~bdt.-v5~bpp.-4~idt.-4~dtd.-1~dt.-5&met.3=733.q0~742.q0_1~748.qp~739.rp~555.ru~556.ru_2~738.se~749.se_4~735.sm_1~113.wn_6~112.wm_8&met.1=1.lahesext~6.0~7.0~8.0~9.0~10.0~12.2~13.je~14.jq~15.m1~16.rp~17.rp~18.rp~19.s6~20.s6~21.si&met.7=CAUQCBgBMMYFOIIIaAJwugV4zI4CgAGgjAKIAcuHBrABAbgBAw~CBsQBxgBIKQGKKQGMPIGOE4~CBsQChgBIKUGKKUGMPUGOFA~CBIQBxgBIKUGKKUGMPYGOFJQpgZY0AZgpgZo0QZw8AZ4sAeAAYQFiAGWL6oBFAoSUm9ib3RvOjMwMCw0MDAsNzAwsAEBuAED~CBsQChgBIKUGKKUGMPgGOFM~CBwQChgBIKUGKKUGMMkHOKQBaK4HcMMHeI4IgAHiBYgBkQywAQG4AQM~CAkQChgBIKUGKKUGMPQGOE9ApgZIpwZQpwZY2wZgugZo3AZw8wZ4gEyAAdRJiAH6ugGwAQG4AQM~CB4QChgBIKUGKKUGMMQHOJ4BUP4GWK0HYP4GaK0HcMIHeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIKUGKKUGMPgGOFJo3AZw9AZ4zjyAAaI6iAH4jAGwAQG4AQM~CCoQChgBIKYGKKYGMKAHOHs~CBsQChgBIKYGKKYGMM4HOKgB~CCEQBBgBIIYHKIYHMM8HOElojAdwzgd4rAKwAQG4AQM~CBwQARgBIPAHKPAHMKkIODlo8AdwqAh4rAKwAQG4AQM~CCgQChgBIIUIKIUIMPUIOG9AighImAhQmAhYywhgrQhozAhw4Ah46bgBgAG9tgGIAefuA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:20:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 307ms
306ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Nov 2022 23:20:36 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0276 0
327 B 1063ms
393ms Ping
image/gif 2404:6800:4007:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lahesfx0&chm=1&ctx=2&gqid=Qs1yY9OzLLWE9u8Px8KPkAY&qqid=CO3DnuTnrvsCFYyXdwodo9AHjw&met.4=fb.n0~lb.py~ol.wj~bdt.-uz~bpp.-8~idt.-8~dtd.-1~dt.-g&met.3=733.rh~742.rh~748.rt~555.s8~739.s8~556.s9~738.wf~749.wg_4~735.x4_1~113.ze_1~112.ze_1&met.1=1.lahesexm~6.1~7.1~8.1~9.1~10.1~12.3~13.k8~14.kk~15.mm~16.s9~17.s9~18.sa~19.w5~20.w5~21.wk&met.7=CAUQCBgBKAEw4wU4kwloA3DYBXiuhwKAAYKFAogB-PEFsAEBuAED~CBsQBxgBILYGKLYGMI8HOFk~CBsQBxgBILYGKLYGMJAHOFo~CBIQBxgBILcGKLcGMP4GOEdo1wZw-QZ4jwmAAeMGiAHzQqoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CAkQChgBILcGKLcGMJEHOFpo4wZw_gZ4gEyAAdRJiAH6ugGwAQG4AQM~CBwQChgBILcGKLcGMNMHOJwBaLQHcNAHeI4IgAHiBYgBkQywAQG4AQM~CB4QChgBILcGKLcGMNQHOJwBaLQHcNIHeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBILcGKLcGMJIHOFto4wZwkQd4zjyAAaI6iAH4jAGwAQG4AQM~CCoQChgBILcGKLcGMLcHOH8~CBsQChgBILgGKLgGMNQHOJwB~CCEQBBgBIKMHKKMHMOcHOERopAdw5gd4rAKwAQG4AQM~CCgQBRgBIKUHKKUHMLwHOBdopwdwuwd4vQOAAZEBiAGPAbABAbgBAw~CCgQChgBIKYJKKYJML8JOBlopwlwvQl46bgBgAG9tgGIAefuA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:20:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B84 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 21:48:15 GMT
expires: Tue, 14 Nov 2023 21:48:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E6EE 783 B
536 B 84ms
35ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

589721a6eca6dde574e69a5b4f2af79c8f6c2e35b1de68e18fe9ed10fac6216a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YE5LXZqfOEP2B5OiR-rCEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mainnews.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-YE5LXZqfOEP2B5OiR-rCEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:20:36 GMT
expires: Mon, 14 Nov 2022 23:20:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B84 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 20:56:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E6EE 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3623171978390649&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8B84 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Rk9Y1A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 dyn_banners_ Show response
fundingchoicesmessages.google.com/f/AGSKWxV3SKwBKSJwSSsYW7h_Wjsz8DImaFZVbGh7udlooJQcIUfrEoABVKHyx9zTwcX0zMoi88fKpRzWYHn9ueYuR3XjTvJgvRmnZ_3NcHDznZ8KlBcspVP19uILlwlVNJWtEpc8EZbqcH3i3LcU9ey9Opw1EuQSk... 54 B
110 B 40ms
40ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV3SKwBKSJwSSsYW7h_Wjsz8DImaFZVbGh7udlooJQcIUfrEoABVKHyx9zTwcX0zMoi88fKpRzWYHn9ueYuR3XjTvJgvRmnZ_3NcHDznZ8KlBcspVP19uILlwlVNJWtEpc8EZbqcH3i3LcU9ey9Opw1EuQSkpYARFfw_bspiAXBmhSNqA3idhKTYR5H/_/sponsored-banner-/abvAds_.bbn.by//adv_468./dyn_banners_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.cKZHIlu1rQE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyOmvqyUxfM1TqRv0beWqoocDHbGw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54cadb0ef04ecd64aa0d3845a795cf7dd05897248ce8d11bfc697e899b8fc8cc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-umDv-nDJ2S4oMmLFjMnKWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-umDv-nDJ2S4oMmLFjMnKWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
54 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

536b2a2ea1ff31d5e4db4b01741f4d8ce61b64a4f4dee296c14e27ef1a8cfb5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55582
x-xss-protection: 0
server: cafe
etag: 10931231619453154868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 23:20:36 GMT

POST
H3 204 AGSKWxW9J1hWfn0BQ6UqPGWLrObAenV-z1bT7qDqcHfpl53UV1B0yCuKI4LuL-VH3C2gIY7aNO8UkPYNNxGO6eU5j7QGPxM7-yDpnlYlyXoCRwyLnEfshQSqHsQA4UOFPm0DY4nDTAr0pg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 38ms
38ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW9J1hWfn0BQ6UqPGWLrObAenV-z1bT7qDqcHfpl53UV1B0yCuKI4LuL-VH3C2gIY7aNO8UkPYNNxGO6eU5j7QGPxM7-yDpnlYlyXoCRwyLnEfshQSqHsQA4UOFPm0DY4nDTAr0pg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-64p67WjzWhGxTS6ySCCKzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 23:20:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-64p67WjzWhGxTS6ySCCKzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mainnews.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK vhsgotusOnsOLVBQ
www.droptrim.com/pixel-track/ Frame 0
0 133ms
133ms Preflight
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mainnews.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true true
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT GET,POST,OPTIONS,PUT,DELETE,PATCH
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 23:20:36 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34

POST
H/1.1 200
OK vhsgotusOnsOLVBQ Show response
www.droptrim.com/pixel-track/ 0
977 B 1857ms
1010ms XHR
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Requested by: Host: www.droptrim.com
URL: https://www.droptrim.com/pixel/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:20:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT, GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 204 AGSKWxW9J1hWfn0BQ6UqPGWLrObAenV-z1bT7qDqcHfpl53UV1B0yCuKI4LuL-VH3C2gIY7aNO8UkPYNNxGO6eU5j7QGPxM7-yDpnlYlyXoCRwyLnEfshQSqHsQA4UOFPm0DY4nDTAr0pg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 39ms
39ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW9J1hWfn0BQ6UqPGWLrObAenV-z1bT7qDqcHfpl53UV1B0yCuKI4LuL-VH3C2gIY7aNO8UkPYNNxGO6eU5j7QGPxM7-yDpnlYlyXoCRwyLnEfshQSqHsQA4UOFPm0DY4nDTAr0pg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ByLIiSeaL2wBOuca5LvvSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 23:20:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-ByLIiSeaL2wBOuca5LvvSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mainnews.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW9J1hWfn0BQ6UqPGWLrObAenV-z1bT7qDqcHfpl53UV1B0yCuKI4LuL-VH3C2gIY7aNO8UkPYNNxGO6eU5j7QGPxM7-yDpnlYlyXoCRwyLnEfshQSqHsQA4UOFPm0DY4nDTAr0pg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 60ms
59ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW9J1hWfn0BQ6UqPGWLrObAenV-z1bT7qDqcHfpl53UV1B0yCuKI4LuL-VH3C2gIY7aNO8UkPYNNxGO6eU5j7QGPxM7-yDpnlYlyXoCRwyLnEfshQSqHsQA4UOFPm0DY4nDTAr0pg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lPL9ldYQAcowdXzBJ5B1UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 23:20:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-lPL9ldYQAcowdXzBJ5B1UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://mainnews.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW9J1hWfn0BQ6UqPGWLrObAenV-z1bT7qDqcHfpl53UV1B0yCuKI4LuL-VH3C2gIY7aNO8UkPYNNxGO6eU5j7QGPxM7-yDpnlYlyXoCRwyLnEfshQSqHsQA4UOFPm0DY4nDTAr0pg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 74ms
73ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW9J1hWfn0BQ6UqPGWLrObAenV-z1bT7qDqcHfpl53UV1B0yCuKI4LuL-VH3C2gIY7aNO8UkPYNNxGO6eU5j7QGPxM7-yDpnlYlyXoCRwyLnEfshQSqHsQA4UOFPm0DY4nDTAr0pg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NbfjSALto7NDVz3dl2m70Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 23:20:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NbfjSALto7NDVz3dl2m70Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://mainnews.us
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXh0HB0xMs8lgh_p8KBp1rxOo17Y_pGLXML2nz9QPvv99DxzlJLbzF_pe_3YBfP7PvSnjDSx91bNL-pJupiRNzDeOxEfkVO02pa0DwrfdTd3JmtTgt46Pk8NPfvSPQRUBFsCaUWPw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXh0HB0xMs8lgh_p8KBp1rxOo17Y_pGLXML2nz9QPvv99DxzlJLbzF_pe_3YBfP7PvSnjDSx91bNL-pJupiRNzDeOxEfkVO02pa0DwrfdTd3JmtTgt46Pk8NPfvSPQRUBFsCaUWPw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY4NDY4MDM2LDU5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vbWFpbm5ld3MudXMvY29udGFjdC8iLG51bGwsW1s4LCJjS1pISWx1MXJRRSJdLFs5LCJkZSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11564e12d58fa26a3044ddd50b21e8f278bc9674a49b7c76724e725e5cc0707f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3umzLNFcoYPKoafI3vmfVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 23:20:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-3umzLNFcoYPKoafI3vmfVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUX-wjBBLfk1VFSPc1rmArRGVh7OZpnsGwGiGaYCIzfrTHStk9bvKSzWLNTVp6OsZWUMnon2enJd7EKx9W7FsoPpfio95Ov3CMFfz7MMBIR84O-7lfx7U91OnvRNQbiRVXTALYSFQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 39ms
38ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUX-wjBBLfk1VFSPc1rmArRGVh7OZpnsGwGiGaYCIzfrTHStk9bvKSzWLNTVp6OsZWUMnon2enJd7EKx9W7FsoPpfio95Ov3CMFfz7MMBIR84O-7lfx7U91OnvRNQbiRVXTALYSFQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Gi_60CunlrIHpKnOcM78Mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 23:20:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Gi_60CunlrIHpKnOcM78Mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://mainnews.us
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3623171978390649&bg=!ICOlI2fNAAbvMpMzzzI7ACkAdvg8Wphijt0jxPxNs-eMpjwd1I_iq0-1B-oUe9NfL5_FmYiJSpv4eAIAAABSUgAAAANoAQeZAqZAhmv1dJpra7JcgL59_anhsvkuNu7Dj4y-XK19HtaNujsQrm2kiIq0e9pBu2Z1-5krfcHLeQh0KDFqV_jbXwMI7yfHfoZ-s5hWvQzhl6o8HUsWa8BwHQvNK7yqj6aaGSMVVnWc758vNXA0JbsePx3PEx5UCNWDa-XM53yvmuQtQLVryR1DM7T1zN1Nag6HFOBghlQ1XK7RmsWud97CW_u6872jvXgHA5BRgX9KLFbATZKp47dXWyzncrqofSHRIGWBvfMqekH0I0VGQLWo2EPyjTrmqD9QoyTo2F8X06cRyJIvD0uTZNQhV6gDbAMSqwYfiL2sDo45NFBr8od-_ExmT2tz7YJJi0n1bTpLwK5IsOpPTDtuHj6CkTH094LEUlWHGhawaZjA8IAvEzXCz52TZ1SbTDVfbn1F92T9QQHbn0k47gFoGK6Y2zmpJg2JY6CeiMdQ2udDy4f-1wteGUl9tuHu6xhPTYB3DvZurGN8R6my94PNzl0Iw0KNl_krLMdjc4JvHsF8K0h40TzgkmMkC3mhIWnIAwYfp1mKXdi-zwA8SNIVlBJI1ToFeRe-d_NNhCO-vVK2nxRt1bVz4Cc8ZqPDqjvLiOBe2YpMr_6LPrSDfDLPaEvIyiKA-GxtvHByGuiU2grr5WSA7rdaTfu0Gr2Ec5wnXUQ1B-2DC-CIhGfnguxsXoXt6os124Da9QD3U2VHwU1dN2bq9nuSsF7BHm3DKU4MVr3WDVhhV8rHrOxYXCHkx7pKuzCOIMPBhGcwck3-9jK5NBX0-gFQqL-vn4lXK82VpIH6L0aa-pUfZJG2A3B5q8JFbOhKEWg803h0PZlHIO9hAaukirse8_SDHRGMxjzxrLwLNpw7VY34GEw1TJXHhC75cRcukUVE3rSPvcWmQkA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 392ms
392ms Ping
image/gif 2404:6800:4007:82c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lahesey2&c=3623171978390649&e=44759875%2C44759926%2C44759837%2C42531706%2C31070923%2C44770880%2C31061691%2C31061692&ctx=1&met.3=1001.2cp_1__1~164.2cr_1~165.2co_4~166.2cb_t~166.2d6_3~1032.2h6~326.2h9_2~832.2hc~868.2hc~216.2h6_1k~215.2h6_1k~843.2h4_1l~779.2iq~889.2j9_1~639.2jf~1032.2l9~326.2l9~832.2l9~868.2l9~164.2l8_2~165.2l1_9~779.2la~889.2ld~639.2li~1032.2lj~326.2lk~832.2lk~868.2lk~164.2lj_2~165.2li_2~779.2ll~889.2lm~639.2lo~112.2lw_2~166.2m4_2~166.2m7_2~629.2om_1~168.3b1~168.3b1~168.3b1~168.3b1~168.3b1~168.3b1~168.3b1_1~168.3b1_1~168.3bg~168.3bg~168.3bg~168.3bh_1~168.3bg_1~168.3bh~168.3bh~168.3bh~113.3ik_1~166.41h_6&met.1=1.lahescc5~6.15b~7.15c~8.16a~9.16a~10.1fq~11.1ay~12.1fq~13.1p4~14.1qq~15.1qi~16.2ma~17.2ma~18.2mj~19.3i1~20.3i1~21.3i5~22.299~23.299
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:82c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mainnews.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 23:20:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vhsgotusOnsOLVBQ Show response
www.droptrim.com/pixel-track/ 0
977 B 154ms
154ms XHR
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Requested by: Host: www.droptrim.com
URL: https://www.droptrim.com/pixel/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:20:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT, GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H/1.1 200
OK vhsgotusOnsOLVBQ
www.droptrim.com/pixel-track/ Frame 0
0 132ms
132ms Preflight
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mainnews.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true true
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT GET,POST,OPTIONS,PUT,DELETE,PATCH
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 23:20:37 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34

POST
H/1.1 200
OK vhsgotusOnsOLVBQ Show response
www.droptrim.com/pixel-track/ 0
977 B 148ms
147ms XHR
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Requested by: Host: www.droptrim.com
URL: https://www.droptrim.com/pixel/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mainnews.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 23:20:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT, GET,POST,OPTIONS,PUT,DELETE,PATCH
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H/1.1 200
OK vhsgotusOnsOLVBQ
www.droptrim.com/pixel-track/ Frame 0
0 131ms
131ms Preflight
text/html 54.235.194.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.droptrim.com/pixel-track/vhsgotusOnsOLVBQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.235.194.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: droptrim.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.34
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mainnews.us
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true true
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, token Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT GET,POST,OPTIONS,PUT,DELETE,PATCH
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 23:20:38 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.34

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 11:47:00	Name: _bit Value: maenkw-0f5b798d7de81fb6d1-005
.mainnews.us/	1970-01-20 07:29:14	Name: _gid Value: GA1.2.1965668284.1668468034
.mainnews.us/	1970-01-20 17:03:48	Name: _ga_8BM2NHQH5D Value: GS1.1.1668468034.1.0.1668468034.0.0.0
.mainnews.us/	1970-01-20 07:27:48	Name: _gat_gtag_UA_233292510_1 Value: 1
.mainnews.us/	1970-01-20 17:03:48	Name: _ga Value: GA1.2.1636432863.1668468034
mainnews.us/	1970-01-20 17:03:48	Name: _wpfuuid Value: c03a616e-4b73-4a57-a1e8-087e29cbf137
.mainnews.us/	1970-01-20 16:49:24	Name: __gads Value: ID=65838ef45d53c084-224464c5b1ce00ea:T=1668468034:RT=1668468034:S=ALNI_MY5T8y8UALNHwOGt_MuQKty9WTXJg
.mainnews.us/	1970-01-20 16:49:24	Name: __gpi Value: UID=00000b818744d8e7:T=1668468034:RT=1668468034:S=ALNI_MZ2TXLyT1w-Kx8uSKlUN7Fz69DXqw
.doubleclick.net/	1970-01-20 16:49:24	Name: IDE Value: AHWqTUnLTDOpjpLYFWYhLkL76sRiXoXSzyzidhM9KC6lAeC1XzoS_Pxpvyfi6c4bHWk
.doubleclick.net/	1970-01-20 07:27:51	Name: DSID Value: NO_DATA
.mainnews.us/	1970-01-20 16:13:24	Name: FCNEC Value: %5B%5B%22AKsRol9ElE7xC8EaRThE-6domZNnvNbwOUROVx7yE_kC9h72Z_GrY-PzOfOOeVIZ73WLgHcVyS45ehiwV94jOwsMFLq0EcLQvyzMnteIZQ9W96cqFe8uvOd26CCphkh8rXBI1Ped2YXIxZMsWNDO66JoKR8Y_ghg8Q%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apps2.xendsys.com
bit.ly
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.wpforms.com
googleads.g.doubleclick.net
mainnews.us
moderate1.cleantalk.org
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.droptrim.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
2001:4860:4802:34::36
207.246.97.180
2404:6800:4007:82c::2003
2604:a880:4:1d0::4cf:c000
2a00:1450:4001:801::2008
2a00:1450:4001:802::200e
2a00:1450:4001:806::2003
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
50.19.60.226
54.235.194.113
67.199.248.10
88.198.33.229
012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03c389054a74d50cb6bdcca5f5419adb6d51f5f7364f9b80dfe37b036b686623
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576
11564e12d58fa26a3044ddd50b21e8f278bc9674a49b7c76724e725e5cc0707f
15fbc37b143fcd68af84ba0672fec28552104ba8da1e4be39541ecb9458d496b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df
1f85dab3cd1a342bf26134fd9c422cd3bee58230c8c3fbad9b035d2ac02c8175
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22e1d4ca8e3b35d99f52810f28e11145a323dd0e849caea9ae81f34e19adcb65
255461391b6771e7dc6c882281d511840dadb05a17e8488fb9cdb7c470f3966f
26b5a9446c18da1563178cd30d379a3b569420d1ab17f8f8282430de8b8482b6
2ac6574404f8332cae71e40a3b4ab642b8e71ef4c56a1e9684394656e2472a55
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d925a37e23eb27529f5a78e149a75a3c6e13e29e2e9e13c3baee01816c260c7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f4cfbbc8e5ec834092f3e40158b5a1b1551fb0b8e5bb9894335bac7b49f913a
2f5d62e8728c5492ee70f9e9c35858ecb1993569eb5a5b2e349a00fc123c831b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32e092aeb78ab1755b68404b12f3e60807633957e2847d89793a57cf123d3668
351b060630b82af10b1104fbb4cb8305ac19d31e7e5a883033f7b09f18520d32
391544c91fc7d42342bf4c020dd280a2743964992bc8eb5f642dc160595ff78d
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
499999d720ab71bdffc4e0115b8b05e1d5997f12e482426546a58a00edd77f74
4a518bd1723da2b6011895ad68059361ebb4cb80de3eec9145eacee89ddd9745
4ea25a82fc8550aa425b9bfce9d621f22a15ca6a381c515ce6c7404d17edbc50
50b27114d7c2c7a0165f3b68f18e6ecd85f976abda56e84d7e462a7d2ae4978d
51e96c923e6df4a1a64113bcc8c2a7636c36848b8b7cd9ea3a379cb19548d213
536b2a2ea1ff31d5e4db4b01741f4d8ce61b64a4f4dee296c14e27ef1a8cfb5f
54cadb0ef04ecd64aa0d3845a795cf7dd05897248ce8d11bfc697e899b8fc8cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582c413cbd7988d2047f667ccda947fcb5b1df3505ff0506fe9fd90188236b1b
589721a6eca6dde574e69a5b4f2af79c8f6c2e35b1de68e18fe9ed10fac6216a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c6269d98660443db9f9578af480b83a1c511c5a3a24602492fec3fd3dde2b62
5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d
5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7
5dfdf00359b7743919a732ae8eb80536ff206faaf16a99fcdd3f967aca1f81e7
5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275
5e94a3a8b9b7aee447df06f08ca5ddbf00f3e3d52d3112af6726ee8a69299637
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6671249683f30cbeaf1362a61f8793660a1ea97751cc7f4a614f585fa41b9d91
68dc20b37b0b7071711805588742ddad6cc6aaac49f319148fb78a648baeaa60
69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1
6ac209c96aa9112483b9e62cc6255555b2638bb0d326825d389bb7760dfe7d81
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7014c257b8d425fafe16091833d0a2e07d8466ab341c6d1ddde3c342fe208951
710eaf5de9e92f3e678aaa8c5789dc4fd9a7537ba964c94041f28f415f6adc7a
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7707208a1c71243cb764c0a95bc41ce8b0d2a316d2d01b3b9678b2560cdb06d9
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7b64a84c219d901e94b497f2374a5eabfa89a26b3c2891c774979dea81bb66d4
7ffd6ec4d1b1980400d8cc710d2edd0fb7833e2c83262f8401247043ca258149
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834619f071e37fd4b396c70c32c74d00f2b7e92f8c1839b7e09093157784d64c
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d
8de2f34d57738bfa35ec30d4f8e5326ffe32fda1e7f8c93124500f8ba055a327
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
945b3fb4d4f9036f7fcc9ff1d3f7c38c911ed4048446e49556a55dd957c982b1
96c4039641b29e4adb7d3701b67df4fa7972b174e9241ded98b0611ba7f535f6
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e3f3086eed70349e0bff17948927d693d5e3127f49ae823a5d7a820fcd02e3c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b170ab2f002233aac70a0afb9fac94cf43ab5bb260cd966f399580c7bdfa105c
b253ef3fe01bdd1dbcf682caf6954cbf64877cf67955b085f18fd896809d7e83
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43e7516a3b6d3dad2f2aa6e74743ca94e8c7f327505d696c94e8ba79972985f
b5d02f2185ebaa449c168561a1900a1540c68aee0241feadb3c75a545900fff7
b68417fef759c8bd12f27b97cb36d5c3314ad94a9307d3d640b884d25e9e7618
b8e1d161afce8b7ce07e094b5597a59b7be4a8eb938aa45b201869956676f6a5
bb687b459083ae32bf76364ba91570b898e31c2ae06ca058a28a294288216ad8
c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba
c35de839bf714c1ae5ff01f24453ba7293d36427f10f8c296a9046ba34eded39
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca64cc8b00bd9235466fbc6a2c84877714af3720d7dd78cf070f4cd7d82dec17
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfde0dff7c17f03aab9949cb2d2e922610484ab4f4be0a3cb3f39ee2d0c9203e
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d2420602ab8ccfe6007950965aade5665ae47f64af257146d8df0f6892c18454
d2d96062a0686d81df42977c967371c8e5f6cbad438bd385df245a5f52c2f4e3
d77f34e949801d83dc82c9272f0496bf9ea3d69b3d74b8e3209e706cda968c08
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e10fd00a2b96373b8b2eb67e8826be0c9e9b84b285d83a63c85037277fca8c1c
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5847f348a4a136d00816c7b18e42cd0f67b762057cb00a3e404abf6dc5268c5
e7835dce12be04d159745cef8e699c59ecc7cc29efaa19900c0adf36ac0e69f2
e7a9aaef125713e5b57733e89b419b2dc7145efb1301fadc6eb312f21fbe0838
eac98e7da4ea2a477e741eb800f4321aae98b8f09051589a6e7aa74a08760ad6
ef158567919a5eb4c76c8c434a00ab26099be4c37f176ae62944d6d4b26292a1
ef17fc912866f1d8a5bf16191e8c8278ca4d40468e48556bf326bd7fcf8673fd
f12b90d295e63139db9a67d0adaed520b37cae4fadf071c5541c421c021c84d8
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb
f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444
f94b28d0dafc3943e6cc6dae6756a1b1551c63b12bdbfe2be65d24a64f89c940
fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

mainnews.us Open in urlscan Pro 207.246.97.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

100 %HTTPS

77 %IPv6

16 Domains

23 Subdomains

21 IPs

3 Countries

1587 kBTransfer

5354 kBSize

11 Cookies

3 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mainnews.us Open in urlscan Pro
207.246.97.180 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

100 %
HTTPS

77 %
IPv6

16
Domains

23
Subdomains

21
IPs

3
Countries

1587 kB
Transfer

5354 kB
Size

11
Cookies

153 HTTP transactions
1 data transactions