urlscan.io logo urlscan.io
SecurityTrails logo

newspaper24hr.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://newspaper24hr.com/
Submission: On December 25 via api from DO — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 6 countries across 45 domains to perform 121 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is newspaper24hr.com. The Cisco Umbrella rank of the primary domain is 351641.
TLS certificate: Issued by E1 on November 2nd 2022. Valid for: 3 months.
This is the only time newspaper24hr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 89.187.169.3 60068 (CDN77 ^_^)
5 138.199.36.10 60068 (CDN77 ^_^)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 3.11.61.23 16509 (AMAZON-02)
3 141.95.98.64 16276 (OVH)
3 13.32.28.197 16509 (AMAZON-02)
1 51.77.64.70 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.85.121.86 16509 (AMAZON-02)
2 51.38.120.206 16276 (OVH)
2 35.244.159.8 15169 (GOOGLE)
1 2602:803:c004... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.64.52.128 ()
2 2.18.36.193 ()
1 185.64.190.78 ()
1 1 185.29.134.248 ()
11 185.64.190.80 ()
2 2 213.155.156.168 ()
1 178.250.2.151 ()
1 2 67.220.228.203 ()
2 2 185.89.210.153 ()
1 1 2620:116:800d... ()
1 1 85.114.159.118 ()
1 1 54.243.58.43 ()
7 7 142.250.185.66 ()
1 2606:4700:10:... ()
1 52.213.183.227 ()
1 2 34.111.129.221 ()
1 35.204.158.49 ()
2 35.71.131.137 ()
2 2 37.157.3.20 ()
1 2a05:d018:d29... ()
2 2 3.126.56.137 ()
1 185.64.190.81 ()
3 3 3.122.66.11 ()
2 2 3.67.148.215 ()
1 2a02:fa8:8806... ()
1 98.98.134.241 ()
1 1 159.65.196.12 ()
1 69.173.144.139 ()
121 44
30    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
newspaper24hr.com
4    2a00:1450:400d:802::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    89.187.169.3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 89-187-169-3.bunnyinfra.net
cdn.unibotscdn.com
5    138.199.36.10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-10.bunnyinfra.net
cdn.unibots.in
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
fonts.gstatic.com
3    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2600:9000:225e:fc00:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.unblockia.com
1    3.11.61.23 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-61-23.eu-west-2.compute.amazonaws.com
spadsync.com
3    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
lb.eu-1-id5-sync.com
3    13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    52.85.121.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-121-86.bud50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
unibots-d.openx.net
u.openx.net
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    23.64.52.128 (None, )

ASN- ()
eus.rubiconproject.com
2    2.18.36.193 (None, )

ASN- ()
ads.pubmatic.com
1    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
1    185.29.134.248 (None, )

ASN- ()
sync.mathtag.com
11    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.168 (None, )

ASN- ()
d5p.de17a.com
1    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
2    67.220.228.203 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    185.89.210.153 (None, )

ASN- ()
ib.adnxs.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (None, )

ASN- ()
cms.quantserve.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    54.243.58.43 (None, )

ASN- ()
sync.srv.stackadapt.com
7    142.250.185.66 (None, )

ASN- ()
cm.g.doubleclick.net
1    2606:4700:10::ac43:db6 (None, )

ASN- ()
mwzeom.zeotap.com
1    52.213.183.227 (None, )

ASN- ()
sync.crwdcntrl.net
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    35.204.158.49 (None, )

ASN- ()
um.simpli.fi
2    35.71.131.137 (None, )

ASN- ()
match.adsrvr.org
2    37.157.3.20 (None, )

ASN- ()
c1.adform.net
1    2a05:d018:d29:3605:b7dd:4922:54:1ebd (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    3.126.56.137 (None, )

ASN- ()
ups.analytics.yahoo.com
1    185.64.190.81 (None, )

ASN- ()
image4.pubmatic.com
3    3.122.66.11 (None, )

ASN- ()
x.bidswitch.net
2    3.67.148.215 (None, )

ASN- ()
ads.creative-serving.com
1    2a02:fa8:8806:13::1370 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    98.98.134.241 (None, )

ASN- ()
pixel-sync.sitescout.com
1    159.65.196.12 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    69.173.144.139 (None, )

ASN- ()
pixel.rubiconproject.com
Apex Domain
Subdomains		 Transfer
30 newspaper24hr.com
newspaper24hr.com — Cisco Umbrella Rank: 351641
4 MB
16 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
29 KB
11 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
cm.g.doubleclick.net
159 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
1 MB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4762
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1976
184 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com Failed
50 KB
5 unibots.in
cdn.unibots.in — Cisco Umbrella Rank: 73982
32 KB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
eus.rubiconproject.com
pixel.rubiconproject.com Failed
15 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
273 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
region1.google-analytics.com — Cisco Umbrella Rank: 2623
20 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 adform.net
c1.adform.net
1 KB
2 adsrvr.org
match.adsrvr.org
529 B
2 weborama.fr
cr.frontend.weborama.fr
459 B
2 adnxs.com
ib.adnxs.com
2 KB
2 de17a.com
d5p.de17a.com
562 B
2 openx.net
unibots-d.openx.net — Cisco Umbrella Rank: 172084
u.openx.net
470 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
365 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 413
1 KB
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 simpli.fi
um.simpli.fi
611 B
1 crwdcntrl.net
sync.crwdcntrl.net
266 B
1 zeotap.com
mwzeom.zeotap.com
382 B
1 stackadapt.com
sync.srv.stackadapt.com
615 B
1 adition.com
dsp.adfarm1.adition.com
524 B
1 quantserve.com
cms.quantserve.com
589 B
1 criteo.com
dis.criteo.com
363 B
1 mathtag.com
sync.mathtag.com
725 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 68
10 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
4 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
49 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1122
404 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5261
194 B
1 spadsync.com
spadsync.com — Cisco Umbrella Rank: 79101
90 B
1 unblockia.com
cdn.unblockia.com — Cisco Umbrella Rank: 21941
32 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
113 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3445
501 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
29 KB
1 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 46736
47 KB
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
121 45
Domain Requested by
30 newspaper24hr.com newspaper24hr.com
cdnjs.cloudflare.com
7 cm.g.doubleclick.net 7 redirects
7 simage2.pubmatic.com ads.pubmatic.com
5 cdn.unibots.in newspaper24hr.com
cdn.unibots.in
4 image2.pubmatic.com ads.pubmatic.com
4 fonts.gstatic.com www.google.com
fonts.googleapis.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com newspaper24hr.com
www.gstatic.com
www.google.com
4 www.googletagmanager.com newspaper24hr.com
cdn.unibots.in
www.googletagmanager.com
3 x.bidswitch.net 3 redirects
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com cdn.unibots.in
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net cdn.unibots.in
securepubads.g.doubleclick.net
2 ads.creative-serving.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 c1.adform.net 2 redirects
2 match.adsrvr.org
2 cr.frontend.weborama.fr 1 redirects
2 ib.adnxs.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 ads.pubmatic.com cdn.jsdelivr.net
2 eus.rubiconproject.com cdn.jsdelivr.net
eus.rubiconproject.com
2 onetag-sys.com cdn.jsdelivr.net
2 id5-sync.com cdn.jsdelivr.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 pixel.rubiconproject.com
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com
1 pubmatic-match.dotomi.com
1 image4.pubmatic.com
1 pr-bh.ybp.yahoo.com
1 um.simpli.fi
1 sync.crwdcntrl.net
1 mwzeom.zeotap.com
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 u.openx.net cdn.jsdelivr.net
1 lh3.googleusercontent.com newspaper24hr.com
1 fonts.googleapis.com
1 hbopenbid.pubmatic.com cdn.jsdelivr.net
1 fastlane.rubiconproject.com cdn.jsdelivr.net
1 unibots-d.openx.net cdn.jsdelivr.net
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 pagead2.googlesyndication.com cdn.unblockia.com
1 lb.eu-1-id5-sync.com cdn.jsdelivr.net
1 pro.ip-api.com cdn.unibots.in
1 spadsync.com cdn.jsdelivr.net
1 cdn.unblockia.com cdn.unibots.in
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.jsdelivr.net cdn.unibots.in
1 www.google.co.uk newspaper24hr.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdnjs.cloudflare.com newspaper24hr.com
1 cdn.unibotscdn.com newspaper24hr.com
0 px.ads.linkedin.com Failed
0 s.amazon-adsystem.com Failed
0 bh.contextweb.com Failed ads.pubmatic.com
121 63

This site contains no links.

Subject Issuer Validity Valid
*.newspaper24hr.com
E1		 2022-11-02 -
2023-01-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.unibotscdn.com
R3		 2022-12-09 -
2023-03-09		 3 months crt.sh
cdn.unibots.in
R3		 2022-12-10 -
2023-03-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.unblockia.com
Amazon		 2022-03-23 -
2023-04-21		 a year crt.sh
spadsync.com
SSL.com RSA SSL subCA		 2022-03-02 -
2023-03-02		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 15 frames:

Primary Page: https://newspaper24hr.com/
Frame ID: 3A66F837C975214F7CB1C8E4FFCDEA25
Requests: 75 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&co=aHR0cHM6Ly9uZXdzcGFwZXIyNGhyLmNvbTo0NDM.&hl=nl&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=kuff058zhcdo
Frame ID: B6C822C1A0E62B2789C34F790D7705B8
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E52645088609362BDDBE78EC3B1FD7D4
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Frame ID: 9C87964BA04D987294AEED75C3C98F6E
Requests: 17 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3CBF051968E6F98A59BE3B9C1771CD19
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1671969777532
Frame ID: B481C1E5D16BBDA9FBEF71986E3660CD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8cec63a8-3bf6-4100-85c7-d2444d01e86a&gdpr=0&gdpr_consent=
Frame ID: 0A63DF063DC52758F6052E2558052194
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6265717200977266810
Frame ID: 8A39D5B0D50106563DADCA54B5D4B399
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: FB84128E33B1F22368AF5C13D35D90B5
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: A47DECBDAD560A87017572B27F002BCE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=337096570404000196&gdpr=0&gdpr_consent=
Frame ID: 706369492E8B04AA2AFF270BFEBF92C5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qHeHz60mgMGzcN_Hq33Lkv0h0MCzcIfAqSKPy3sx
Frame ID: 828445205BF76326764137F139D0A679
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181055533596866711&gdpr=0&gdpr_consent=
Frame ID: 8CF6CAF265A707B65FEAB4CD84A8B9E6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NvogOTSsSAtvTRPptEaVGCUwXik
Frame ID: 3341AF59F993608B1E08A65AC56175F6
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGAUU7HUHgAACB3XBZoxQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Frame ID: 261C9C52F47158C3733FF8C4F1EF5C8D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NewsPaper24hr

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

121
Requests

87 %
HTTPS

38 %
IPv6

45
Domains

63
Subdomains

44
IPs

6
Countries

6510 kB
Transfer

9797 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8cec63a8-3bf6-4100-85c7-d2444d01e86a&gdpr=0&gdpr_consent=
Request Chain 89
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6265717200977266810
Request Chain 91
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 92
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=337096570404000196&gdpr=0&gdpr_consent=
Request Chain 93
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qHeHz60mgMGzcN_Hq33Lkv0h0MCzcIfAqSKPy3sx
Request Chain 94
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181055533596866711&gdpr=0&gdpr_consent=
Request Chain 95
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NvogOTSsSAtvTRPptEaVGCUwXik
Request Chain 96
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHQVVVN0hVSGdBQUNCM1hCWm94UQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGAUU7HUHgAACB3XBZoxQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ir2UarrQSNGUOirMUDeMww%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ir2UarrQSNGUOirMUDeMww%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 100
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1212448926
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEFCRDk0NkEtQkFEMC00OEQxLTk0M0EtMkFDQzUwMzc4Q0Mz&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEFCRDk0NkEtQkFEMC00OEQxLTk0M0EtMkFDQzUwMzc4Q0Mz&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMPlUl06S2NGtG5ejcfH8no&google_cver=1
Request Chain 105
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6074804525334365013
Request Chain 107
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ST_2lnlE2uXIbZsnc.Vh0J120FfSrzk-~A&gdpr=0&gdpr_consent=
Request Chain 108
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c385c90c-44b4-44e2-8299-4034357b1b10 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c385c90c-44b4-44e2-8299-4034357b1b10 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=6448d29f-fae0-4202-ae25-3f43c9b6380f&ssp=pubmatic&expires=30&user_group=5&bsw_param=c385c90c-44b4-44e2-8299-4034357b1b10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c385c90c-44b4-44e2-8299-4034357b1b10&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 111
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e90155b4-24bf-45d6-9247-470a9f837d3e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 113
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0yP6HVlJRu2xGXPaNIuTDQ&rk=usync-other
Request Chain 114
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMzQk1XWlotMTUtNk1UVg==&us_privacy=1---
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHv2tjMCc0rf4ETCiGc4Q0M&google_cver=1
Request Chain 117
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDllZDViNjAzZDk0MTc1NzdkZWU5MWQ0MTRlMTVkYTk2NjE2YTJjOQ&us_privacy=1---
Request Chain 118
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC3BMWZZ-15-6MTV&us_privacy=1---
Request Chain 119
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Ndns3IedR5urIZ17sSD7Asn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---

121 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newspaper24hr.com/ 		170 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3d696c5bf52a2c0c89592cc816ddf75d697be93793388dea7debb5d79e9b55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77f16e387ac7996e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 12:02:55 GMT
last-modified
Sun, 25 Dec 2022 11:38:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4BC9C9%2F58GkuY%2BcL8KQOtHpMmBanin%2BbeCGlnIyGEyH1lfHe6ugxILymozqP97PT6Y%2BlXa%2F8many6RCoOFkTARiMJIN5kNkNqeQNKDgBbEbz5JWRaxN9Ym8qGP8yUG1%2FIHQOC3kgrjXzMewxaGaSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.min.css
newspaper24hr.com/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Nov 2022 01:35:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1489
etag
W/"63743e6d-172a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81Wri9QEiUSGswJeeQukIV3V2sv2vnxHTAAqI0AlG8XzCbkZJyRADL81F8dWXHsKE04Bsb%2BMhnfRwubO0HarBCqLZuJStyTXCabDkywl6LcLEk6CAhWGS1RQcJ6%2FBiV21eEFfh%2Faok%2BHjtar6KbrOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e39fd59996e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:45 GMT
classic-themes.min.css
newspaper24hr.com/wp-includes/css/ 		217 B
565 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Nov 2022 01:35:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1489
etag
W/"6361c950-d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeBbR%2FF%2Bin8y5vurwwWVkiAZ2PG50soMJwMVgrms4UtLx3PPsoxZOcd2WSS1Lx%2BZU6cUDN6vNe%2B2W0sobqrDczOnxgp1aT9xtApFUOA8s1mHvDVy4%2BjIPdiyPDAYD3VbFI25g15k7AJIKjCJui4rVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e39fd5b996e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:45 GMT
ai-aos.css
newspaper24hr.com/wp-content/plugins/ad-inserter-pro/includes/aos/ 		47 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?ver=2.7.22
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
848e50546f9feb30920ac53dcd70d46e36ca7d060b90b437833fa2d9a2ae37c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 Nov 2022 09:51:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1489
etag
W/"6364e085-bae3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zj%2BB7u22Mm%2FLRJPUsmT%2BFCLwFmijhdBHMh6Y%2FntsZkDRPueJG2ZzQfcPMqtSLAevLqwXM1roX1DLZy2iJube%2B6kX6boCX9CCwaHC71MCEM%2BxAlWtAKVQMfa100Py%2Fx6gF0QxaX6G3IzrnEiKlrcqPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e39fd5c996e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:45 GMT
styles.css
newspaper24hr.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 09:00:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1489
etag
W/"639c33c2-af3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJ%2FCnx73xKETxE1wqwH9fXkbDrjll%2Bg7Dbmd4gxpMoxrw5%2BvafBry1Q89vf1503napuUipatYYAy%2FyTm3S7eOGS0GvUEyAY6n0fBLRN0M%2FTa7VAEJy%2F9YoeeMVn0EYOYDK3xyo4HSxvlFptr7mTn0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e39fd5f996e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:45 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-189072159-7
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4428006304292533e2555ee27c9ec8f76a87f7621f050c717e44bc856ceb68e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43652
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Dec 2022 12:02:56 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8dce640d375f810a7e9695ec1c638beebfba1789f4ef6ca2a2254539717de409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76898
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Dec 2022 12:02:56 GMT
player.js
cdn.unibotscdn.com/ubplayer/ 		130 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/player.js
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
ef0a3f1e274da89f34f4ae7640b2cb4b6858b474cf39568887decd99834212c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-167
cdn-cachedat
12/22/2022 11:48:30
cdn-pullzone
873945
last-modified
Thu, 22 Dec 2022 05:22:22 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
336
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63a3e98e-20615"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
f67b22327dd93ddb00619296137f41f9
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
hb_new.js
cdn.unibots.in/headerbidding/common/ 		418 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibots.in/headerbidding/common/hb_new.js
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
1a3f417d7d9af45ab60444c65553c70e16f65174fbf2a2ed88ad790715a3093d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cdn-edgestorageid
1053
cdn-storageserver
DE-168
cdn-cachedat
12/24/2022 06:51:47
cdn-pullzone
483488
last-modified
Sat, 24 Dec 2022 06:50:53 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
379
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63a6a14d-1a2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
50d65140ba060d9e8d0d2a2c309a1c9e
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
style.min.css
newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/css/ 		348 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/css/style.min.css
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53b1393dac844555455b387432b2401f003c826ae2f226f1360ccecae8a774c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Oct 2021 01:43:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1489
etag
W/"616396d4-571f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98YEJDjOTlNwJ7mh7G0d0lqNh3kDHY78R419JQH06mJHPv0S2o4uAVWm6npMl2PXjBbTwXc9mQuWOP5PnZPmVZ4F6%2BTVdiXKJWtxIHX9Lbcbg3FSwOCOJiuGprdFB9BdGfheztKVpQArufk2WXRoKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e39fd61996e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:45 GMT
skin.css
newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/css/ilightbox/dark-skin/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/css/ilightbox/dark-skin/skin.css
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 03:53:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1489
etag
W/"615bcc2b-1c79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUmsIMdMbfIXMpPnykt3dRG495tywJR%2FpK1w%2FwvY%2FZtaShaRnput%2BIS5gmYbuZIXaPNQ0lLJ6OwV3MyIuc0ON%2F7hNIH%2BCtNt6CvnsBMFRazUMDzFc6%2Fmd6UH7NeDykGh7pfhAurlqRW%2B4MZuLwnauA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e39fd65996e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:45 GMT
style.css
newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/css/style.css
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6d52f31d6e209c5338234fbc12a936f290652f0df7769534f780b98f118f2f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 03:36:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1489
etag
W/"63a12da5-2c18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCl8KUwKipLGKmIx6jVqZlCs2P9MJe8WjPdixHTSAau3a50g5rYf0lkAjMggjfH1T95aIAE6MaWpQ4GYCJVARCTbiYTMHw4F%2F7xDyeDsiOZTbnoT6fzjQdW0Inxd96g%2BfINZTLq6F4kck7FvcBGSCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e39fd67996e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:45 GMT
Newspaper24hr.png
newspaper24hr.com/wp-content/uploads/2022/11/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/11/Newspaper24hr.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5382bb945da1c30c0696c156e53dd7edb352f813b9c0477d6a90bc074cb9ce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1473
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14717
last-modified
Fri, 11 Nov 2022 07:24:10 GMT
server
cloudflare
etag
"636df89a-397d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy6Q%2FkaKRGnl4XR4NlzsoVE2Jb9k2rcT0NP5xaLa8vc5AFliDoZNiS1p7vuDwZQ9vbkAXF4uuqOqR8GIjzKk92tg8uckJz3q7wkb%2B86W5n7RPdXRfDwOQkvgfKsMQHs413mPxgpOme23Cg4Z%2BmU9lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f3a9b58-FRA
expires
Tue, 24 Jan 2023 11:37:46 GMT
OUT-2022-12-25T183714.348.png
newspaper24hr.com/wp-content/uploads/2022/12/ 		913 KB
913 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/12/OUT-2022-12-25T183714.348.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa2493d99c2b2cc53b8fad45d32331b4bf5cd4aff9845a675a9ede4b751632a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1473
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
934422
last-modified
Sun, 25 Dec 2022 11:37:29 GMT
server
cloudflare
etag
"63a835f9-e4216"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMMauDZxAoc7Cs5hunPgu%2BxVXYCuCvJy1W%2FJPlXw1hjCM%2FmtCERD9nrXWsrBL%2B4PhABkG9am70sM8oNF8Q%2BiOEuWXV5lcMtNY9AXmJ%2FjDy1GgwZfmynbAgH1JZg4kkYRGrKOKhqoIitu0nuazkAP1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f3d9b58-FRA
expires
Tue, 24 Jan 2023 11:37:46 GMT
OUT-2022-12-25T182141.215.png
newspaper24hr.com/wp-content/uploads/2022/12/ 		287 KB
287 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/12/OUT-2022-12-25T182141.215.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1173ba777b3e4488d4cdf527504532f00ec8f63ed41df67f27ab647b9aed3aaf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1471
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
293754
last-modified
Sun, 25 Dec 2022 11:27:01 GMT
server
cloudflare
etag
"63a83385-47b7a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPcinbRVHoEB5VeiWDktVL3shVY88dfqR059FdIIYotOaskrWYeyiOKUOwEspfC2%2BuNdzHbhLAQORpFy6tjWKypwZoRs5fZbVCynnyvOfqdWK9WHQi1fvQF5m8Az%2BvyN8s4PI7uhJtO6j7%2FV0dTCCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f409b58-FRA
expires
Tue, 24 Jan 2023 11:37:47 GMT
liverpool-ace-mo-salah-criticized-by-fans-hg2.png
newspaper24hr.com/wp-content/uploads/2022/12/ 		439 KB
440 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/12/liverpool-ace-mo-salah-criticized-by-fans-hg2.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca66d64923c40c3e214b48960e205193496bf882763c8e45f0b2a1fc907a981

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1473
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
449533
last-modified
Sun, 25 Dec 2022 11:09:53 GMT
server
cloudflare
etag
"63a82f81-6dbfd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKkfr2NxRSA91yYlvQLYwCsroceGB4QtAqkBt0yViZuqd0WKqz2aD88dROA7kW8on8oVChqjTd2gH0AwLUGCVraO1529Wm4KjR47kONo0viAIyEXyQSHleZ11D3EXgCG93JvQfuEttiNheBs5HGqdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f429b58-FRA
expires
Tue, 24 Jan 2023 11:37:46 GMT
mo-salah-criticized-by-fans-hg.png
newspaper24hr.com/wp-content/uploads/2022/12/ 		442 KB
443 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/12/mo-salah-criticized-by-fans-hg.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad48b3ed4bbe8d834a2546a0a5513b8900bef508fa1469ed2d6f895cf78b741

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 11:00:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a82d36-6e75b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=og5rC0hLuYJiEPxUm1kzu6vy18rzS%2BPRBrxd327IAiCH1A6Q5L2Jp5OuJ7faqKv4Hfb60%2BgjzWPmlLvrSfeAdaazR0lwfDoNvOho%2FnnNg%2BtbyNdWFoc%2F%2FGZOU7FOCGMaVW4wOxfafA0vf7FiMQoDpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f459b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
452443
expires
Tue, 24 Jan 2023 11:37:51 GMT
OUT-2022-12-25T174917.861.png
newspaper24hr.com/wp-content/uploads/2022/12/ 		400 KB
400 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/12/OUT-2022-12-25T174917.861.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f893626901db2901f0060345d43dabeee270c6e830556f9342cfdbcb7ad3ceae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 10:50:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a82adc-63e5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvuIgDDp6bGHEenmqDymklB%2FFG0sBWZCryZbad%2FSRlbMYTyj8U%2Fne%2FRL78Y9deTjNdr9QknpVTH6a3uX7l5ATpp8l0ddk2N9khW1QMDLSJW2PI55Z3OrhuZalrEsP7DRzYhsg8brlGRQJxaa1Fq4Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f489b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
409179
expires
Tue, 24 Jan 2023 11:38:05 GMT
sdgv35rgrwds.png
newspaper24hr.com/wp-content/uploads/2022/12/ 		264 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/12/sdgv35rgrwds.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42d85744f918a245e7c6fa3f743f211ed8aed3905c0a981b26d8a346ddecc94

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1471
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
270261
last-modified
Sun, 25 Dec 2022 10:59:52 GMT
server
cloudflare
etag
"63a82d28-41fb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ix5%2BqmgILlsH5wfyr05AgE%2FyG4w5YfoeU1kxCeBUNTQbPfnUgE6rkwZeCL2L3xveXbvEgfp1lrEhtgP1fikQ6OoF0FV%2FmZ%2BUJmRScBfxWVzmuyjNKBY3KuFoZwP8NYakzi8Y%2Boq6KvxueD%2BFUEkewQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f4c9b58-FRA
expires
Tue, 24 Jan 2023 11:37:47 GMT
sge24efdsd.png
newspaper24hr.com/wp-content/uploads/2022/12/ 		320 KB
321 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/12/sge24efdsd.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af038ef0100222c016b742ab226a79132e6fba3c4ba96668a078f35bcc1870ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 10:49:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a82acf-5009a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPQ0VSGY%2BOyT%2B2bIy2mXQQklNsRVc6KEfTPgFWD2QpJLASTPNJr7crEqm%2FeFM83plKOUh9Y%2BX5ws1uawUDpOz4IceNnkH4tXMEuLPhRTbxyTBupQUmB47LiZJtkmrYRZqVpbDk3haKwxTmd6Dl6O6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f4d9b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
327834
expires
Tue, 24 Jan 2023 11:39:45 GMT
sg35rdasa.png
newspaper24hr.com/wp-content/uploads/2022/12/ 		392 KB
393 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/12/sg35rdasa.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3e964425ce91482c1a2d1d995b57d9753cc95b34c1df430bd30c53296b31f8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 10:39:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a82878-62015"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z9wU0fliIfrSCrf471FKYNut1%2F4AU8CFsZig%2FCVYKhHSMeDTQhs43wzfnL6VRzikM6JcAwU%2BJWp1otPtO4AaYFqPrAwCTCkuMFXzAMFaQSHAwo0BStPfd%2Fg8tmoVoQFm1hJAlkNIny44%2FXjroiFGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f4e9b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
401429
expires
Tue, 24 Jan 2023 11:40:26 GMT
youssoufa-chelsea-hg.png
newspaper24hr.com/wp-content/uploads/2022/12/ 		349 KB
350 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/12/youssoufa-chelsea-hg.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
380a4b053e7400fac04dbcf92b3ddb156e2cb786f37f8cfcc20be111581bf811

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 10:29:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a82620-5750f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VtHjsWFjbRxclE3oRq%2FWkk4pCqzRXsZdJqLIc1M4rzh4UyYAXpGZwQAI8Mn0jMypP96mksqJ6APIKXeifWwgeFhajMsAQ5FNW4MKZr4Fm8GA8Grsv%2BjZqgFO5tenGNvxO5ZVekPeARbWzA9jsx18A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f509b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
357647
expires
Tue, 24 Jan 2023 11:40:26 GMT
T39109DPT0112-16.png
newspaper24hr.com/wp-content/uploads/2022/12/ 		283 KB
284 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newspaper24hr.com/wp-content/uploads/2022/12/T39109DPT0112-16.png
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
239d7995cbdb7a291cc0c4c38507d26a03579c24b07b63c9975d9bb7b19b181f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 09:45:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a81bce-46c34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBQgV%2BhkNlyIUlCfH9LA9%2F8BDGoY5SzW8a3OnHocgtNoSsMUV3uNqzjSKTrWGL9VbPbowzipLS9J80sTFXhSbeDkc2CPWB2iyshARmV%2FXc4owKz57XHxVnhW4cBqdASXcp4wuDXGD0pJ%2BeTItbwACQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3b9f539b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
289844
expires
Tue, 24 Jan 2023 11:38:20 GMT
email-decode.min.js
newspaper24hr.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2022 16:36:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a1e484-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QKlxM%2B5l4KJLScFpu5oNM1%2FkBNJ4LSNcF9atjdVZBXAiVs9DDOq%2B8ArFZjcxsVGQi%2FSgxEzEPMYzt3oiZUBHuExrb7njkNkN5BXp2qh5HUJagdUfJdGws28zsdSHjhrLhZDElw4VO2UNGGGq%2Fbe2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
77f16e3a5c6c9b58-FRA
expires
Tue, 27 Dec 2022 12:02:55 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://newspaper24hr.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1346037
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29363
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-169d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzSnV6lpMylH%2B99V8zinNyfszNIabnet6LQuXJsia%2F1Z3DUquBKF%2BjvrIhMQPDgVuQYqliSmrZielr4gpBBoGHBHBq0UKGmL%2B4iZPcJ%2Bp6QmIZ4dkEsacBhtzvcM1l7RZTEPro%2B4ZiPOH%2FX99Dn%2FD9Lq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77f16e3af84a902a-FRA
expires
Fri, 15 Dec 2023 12:02:55 GMT
scripts.min.js
newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/js/ 		239 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/js/scripts.min.js
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e483cf79c921bb269b9979c7ef21d99d37355abce860d4335ccd1140b2e5e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 02:57:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1473
etag
W/"615284b7-3bb95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lm%2BzjPBu4FP%2BvBzDGJyMlo6vNMjA2jo8FRKsxEGeD2aRK6WOjI%2BbQKtiZmCUz%2BK%2F00%2BI4NOfKMdh7ujF5O3TKRdJ4UhdHWY5UywQqeSbGKvq8e9hFGGAgQxZK1Y9eYNO3zkEmpT4gSlU4vzixtCDVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e3b2e409b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:46 GMT
aos.js
newspaper24hr.com/wp-content/plugins/ad-inserter-pro/includes/aos/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?ver=2.7.22
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867ce49f14ef2fb0cad46608ca0cc05bfb437d71457563b71e522e0dd66b5905

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 Nov 2022 09:51:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1474
etag
W/"6364e085-36a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NL4szQYKCoL4WsT96EMDHnhH%2BxFDvZjqO1hkmv0YMINcyXTKwXR%2BZevXrLj%2B%2FLdNArnhprF7yiCEEXo5kAhJtA0HjCtRrbWVDsczLePbHfTPky0r7q9vqAJo6Jp4vd6h6W2QMxr1mYBbatjV6%2Ff4ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e3b8ef29b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:46 GMT
index.js
newspaper24hr.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 09:00:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1474
etag
W/"639c33c2-2945"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKIgfIeIzGlOFqR0j%2FPq96euvVX0ayya8bH%2FGDA0omyEwMz0FM7PFzDtOwLbtHleDW36JMtvn8MpP%2Bd5bzmGquIi83ymt6QigrVjzdUJ5Y9PEYOyjFjMm3RsslMnzD4qus431htIQVuGz%2BKw%2Bdbk9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e3b9f1e9b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:46 GMT
index.js
newspaper24hr.com/wp-content/plugins/contact-form-7/includes/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 09:00:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1474
etag
W/"639c33c2-316c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTFePu5VzQpkcHxGoppZkgT7dREATXsYYOYTDUQgluIM7XGndr7M1%2F4ZKNiuqjvwcflrR8Lnl85atYyI0dexOB5DVjt%2F%2FFDGmvvVvKuG%2BW9NLcC%2F%2B8adfsDfbipTYFw8gKsB3IDtUzK53E45ZKGAvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e3b9f2d9b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:46 GMT
api.js
www.google.com/recaptcha/ 		884 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&ver=3.0
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b155b9882e08f1bea77d45dcb9432c0b70bcd39464f29d58833b2e65ab2a1bce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Sun, 25 Dec 2022 12:02:56 GMT
regenerator-runtime.min.js
newspaper24hr.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 01:35:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1474
etag
W/"628d87fd-194b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EsPW4GItqI%2FDPS8RTqcjMS7JDvJ5z6KBjGaE8saUFindxPeaOJwVqAFrxQvwyqLwCG6lpQvnD90MpsHkTzPxXhFz6lHheevY4zhsU2KhbXhVhZ5jpGrnzIsDc67IbzwTX90Cx%2BcYv1SYoGBpkWR5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e3b9f339b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:46 GMT
wp-polyfill.min.js
newspaper24hr.com/wp-includes/js/dist/vendor/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Nov 2022 01:35:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1474
etag
W/"6361c950-459f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJsa6w1NbE1Nj5kddrkW%2FGQFW6e1H3g%2B5HL4y1CE5pI9FN0j87JexzsS7zG2e%2F%2BLvDuXhHY0L7%2BCqGefUEybhpNGtfeuoKY4B3sgsF%2B9YriRA60jnl4GJ86UHVr5Pgk4xS%2Bn9ME2MnUsNp3HuolcOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e3b9f379b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:46 GMT
index.js
newspaper24hr.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 		999 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.1
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 09:00:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1474
etag
W/"639c33c2-3e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bVodeAY3%2FdEwICVidIFMt5sh4S%2FKrzQHADJqKmZw6ohvKb2oBDx7ve6%2F7ivUCrgzbjLFRmNZeHofuEOEPNxYWwpWqTEl%2F6lUEDJF2ybO2O33xFNu9RO4slX8jwDrrVxWN5GGLSUUJOr66VkHBpj6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
cf-ray
77f16e3b9f389b58-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 24 Jan 2023 11:37:46 GMT
hb.js
cdn.unibots.in/headerbidding/common/ 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibots.in/headerbidding/common/hb.js
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb_new.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
6dd3d9e1620710f847284e7c592281e2b252a82d7e14fe9cc3811ba27581b9d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-199
cdn-cachedat
12/20/2022 11:15:48
cdn-pullzone
483488
last-modified
Tue, 20 Dec 2022 07:16:36 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
311
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63a16154-ee3e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
9765d5b2e22d8d118f3f812a66540e39
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
fontawesome-webfont.woff2
newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/fonts/fontawesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/fonts/fontawesome/fontawesome-webfont.woff2
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/css/style.min.css
Origin
https://newspaper24hr.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1464
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-xss-protection
1; mode=block
last-modified
Wed, 29 Sep 2021 02:55:16 GMT
server
cloudflare
etag
"6153d594-12d68"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DqUixDHzQj5wpwwSIex8OiXhpJF0yzRDri1vbu1WEmEKzEYLs3lFrc8A9axAD1X8m4nw1lHZGQ7DTllYHrRUl7uai0vPw3aXeJKsCiyBeUK2%2Fz4ds0KEK%2BSunoLH%2F4bAqoIqW%2FacIQXhJRFK7KbBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
vary
Accept-Encoding
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77f16e3baf559b58-FRA
tiefonticon.ttf
newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/fonts/tiefonticon/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/fonts/tiefonticon/tiefonticon.ttf
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e5fe3d9f3103e880a68f6ce8ab0d505eea2b6ea38daf1b873304cb6f837cbe4

Request headers

Referer
https://newspaper24hr.com/wp-content/themes/theme-traffic-vietnam/assets/css/style.min.css
Origin
https://newspaper24hr.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1464
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8916
last-modified
Wed, 29 Sep 2021 02:34:05 GMT
server
cloudflare
etag
"6153d09d-22d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3Rn1Mb5vnzv1lc4zzEaNO64bATJdtE73E2H550Dpb8COaju6dQf9MZBSvnliowmukniYAHjFw8okyxUpekgjwFpQvRpDVc0DzBU0s04U8mVCMqrC58LQqt4AZf%2FUtyZf6ZITHOexHvy78rmtmgvpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=16070400, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
77f16e3bdfac9b58-FRA
expires
Tue, 24 Jan 2023 11:37:46 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 		405 KB
406 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4234c8d55104f2d3be250bcfc0a9e3cf8f4bb26381dc5c9ac01dd9054df556f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newspaper24hr.com/
Origin
https://newspaper24hr.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 03:15:01 GMT
x-content-type-options
nosniff
age
550075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
414914
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 03:15:01 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189072159-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Dec 2022 10:36:51 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5165
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 25 Dec 2022 12:36:51 GMT
collect
region1.analytics.google.com/g/ 		0
339 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PX3PZ6Q9RG&gtm=2oebu0&_p=2058546669&_gaz=1&cid=1453853494.1671969776&ul=en-us&sr=1600x1200&_s=1&sid=1671969776&sct=1&seg=0&dl=https%3A%2F%2Fnewspaper24hr.com%2F&dt=NewsPaper24hr&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newspaper24hr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PX3PZ6Q9RG&cid=1453853494.1671969776&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newspaper24hr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PX3PZ6Q9RG&cid=1453853494.1671969776&gtm=2oebu0&aip=1&z=1613164696
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:02:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame B6C8 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&co=aHR0cHM6Ly9uZXdzcGFwZXIyNGhyLmNvbTo0NDM.&hl=nl&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=kuff058zhcdo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
489003db4fbeb42106a1b5f26f9e232cefcb6e40f53c0401813aaae21edd12aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vyMM9t2_m9Sd9qsjJXPDlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newspaper24hr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22206
content-security-policy
script-src 'report-sample' 'nonce-vyMM9t2_m9Sd9qsjJXPDlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 12:02:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2058546669&t=pageview&_s=1&dl=https%3A%2F%2Fnewspaper24hr.com%2F&ul=en-us&de=UTF-8&dt=NewsPaper24hr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1439441699&gjid=423870253&cid=1453853494.1671969776&tid=UA-189072159-7&_gid=1420945115.1671969776&_r=1&gtm=2oubu0&z=694193212
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newspaper24hr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:02:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newspaper24hr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
newspaper24hr.json
cdn.unibots.in/headerbidding/ 		13 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibots.in/headerbidding/newspaper24hr.json
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
666f361cf3679b5681fc4d9d4c15214aa5b81649c0197f0e6ceff79bef13b03a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
content-encoding
gzip
cdn-edgestorageid
1047
cdn-storageserver
DE-168
cdn-cachedat
12/24/2022 07:11:22
cdn-pullzone
483488
last-modified
Sat, 24 Dec 2022 07:11:19 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
478
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
3ef20939066de47bb3ac997b82c8c9e0
cdn-requestcountrycode
NL
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B6C8 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&co=aHR0cHM6Ly9uZXdzcGFwZXIyNGhyLmNvbTo0NDM.&hl=nl&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=kuff058zhcdo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Dec 2023 16:18:42 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B6C8 		405 KB
405 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&co=aHR0cHM6Ly9uZXdzcGFwZXIyNGhyLmNvbTo0NDM.&hl=nl&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=kuff058zhcdo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4234c8d55104f2d3be250bcfc0a9e3cf8f4bb26381dc5c9ac01dd9054df556f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 03:15:01 GMT
x-content-type-options
nosniff
age
550075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
414914
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 03:15:01 GMT
newspaper24hr.css
cdn.unibots.in/headerbidding/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibots.in/headerbidding/css/newspaper24hr.css
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
fb6040f85f5e91a4d1467a6d581cca48b3c235b16c975f00c5067f296a60079f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-165
cdn-cachedat
12/21/2022 15:19:09
cdn-pullzone
483488
last-modified
Sat, 17 Dec 2022 07:26:07 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
436
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"639d6f0f-c3b"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
b0ad4b722e519ce584dcdd98c1de8e56
cdn-requestcountrycode
NL
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LMZRVE8HGJ
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a579042c36199d8bd54cdfd46465f39fc147fa9d84db396bddf0ca4a3e7cb4f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78999
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Dec 2022 12:02:56 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LMZRVE8HGJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189072159-7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e8e7aedea52f632ed3a1dfc7fe052da1003344896a4412ec7686827a7f7293c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78971
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Dec 2022 12:02:56 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2456b1d45a2509aed4032ad6f95a368f9b0202db240666b6b798728c8d0205db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1431 / 706 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 25 Dec 2022 12:02:56 GMT
adScript.js
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/ 		374 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb186c331c443b3d4152bc07f91c1d0595f1f0d10303774bbe30454124c87f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15108
x-jsd-version
2.3.96
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230139-FRA, cache-yyz4524-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"5d865-RXas/aYuPFOyub9+Equ60FVNOOE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7QxX3ShH0GdZrpWaQPqkI4HPX3LJ%2BByjy3WPkMrvn%2FckmIHHLP5Gl7awSVLXmhuicHxpEo65Wt%2B9rhHoe62MpKy1O1eeMb8HPcHyvuS3Ca92mzwh2ygpstmWgunrsFP7Vr1hZFzVAVvW0DHXxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77f16e403f579974-FRA
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B6C8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 19:40:09 GMT
x-content-type-options
nosniff
age
231767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 29 Dec 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B6C8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&co=aHR0cHM6Ly9uZXdzcGFwZXIyNGhyLmNvbTo0NDM.&hl=nl&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=kuff058zhcdo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:17:50 GMT
x-content-type-options
nosniff
age
85506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 12:17:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B6C8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&co=aHR0cHM6Ly9uZXdzcGFwZXIyNGhyLmNvbTo0NDM.&hl=nl&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=kuff058zhcdo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 22:21:19 GMT
x-content-type-options
nosniff
age
481297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 22:21:19 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame B6C8 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=5qcenVbrhOy8zihcc2aHOWD4
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&co=aHR0cHM6Ly9uZXdzcGFwZXIyNGhyLmNvbTo0NDM.&hl=nl&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=kuff058zhcdo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ee251ef9ee193fc016b4005fb344d430bd47b6f3bf77f0e74d60e4dfacc0e055
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&co=aHR0cHM6Ly9uZXdzcGFwZXIyNGhyLmNvbTo0NDM.&hl=nl&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=kuff058zhcdo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 25 Dec 2022 12:02:56 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LMZRVE8HGJ&gtm=2oebu0&_p=2058546669&cid=1453853494.1671969776&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671969776&sct=1&seg=0&dl=https%3A%2F%2Fnewspaper24hr.com%2F&dt=NewsPaper24hr&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LMZRVE8HGJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newspaper24hr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022120701.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132289
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:34:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Dec 2023 01:30:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		196 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=newspaper24hr.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e1feb298b77d45c6250074b727338544625f8116147699e082fbaa9c2fb127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
expires
Sun, 25 Dec 2022 12:02:57 GMT
newspaper24hr.js
cdn.unibots.in/headerbidding/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibots.in/headerbidding/js/newspaper24hr.js
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
557506851199f3c143645f829af47c11b2f98604ba89934362699df6ab1a753f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:57 GMT
content-encoding
br
cdn-edgestorageid
864
cdn-storageserver
DE-165
cdn-cachedat
12/22/2022 05:54:38
cdn-pullzone
483488
last-modified
Thu, 22 Dec 2022 05:54:29 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
438
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63a3f115-1e39"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
14e0805406afef474315dbfc4f66626b
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
reload
www.google.com/recaptcha/api2/ Frame B6C8 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd52935511fa927b511d5379a8de2c82f50bd68dfbb30a2a30f7d02456340673
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduzTIjAAAAAJasgwt-GI55LU-BJY6ejL6gi5Pk&co=aHR0cHM6Ly9uZXdzcGFwZXIyNGhyLmNvbTo0NDM.&hl=nl&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=kuff058zhcdo
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 25 Dec 2022 12:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18676
x-xss-protection
1; mode=block
expires
Sun, 25 Dec 2022 12:02:57 GMT
h.js
cdn.unblockia.com/ 		150 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unblockia.com/h.js
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/js/newspaper24hr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:fc00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0dbc85cf3f26fd439ac581c0d779df96bccf4c628b54d96ce1d058092205770

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ULEk67_ixujKfz5k3KWbm1vPDZeF3pj6
content-encoding
br
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
date
Sat, 24 Dec 2022 13:08:06 GMT
x-amz-cf-pop
FRA60-P4
age
82492
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:b27a0724-c05c-43be-9f0b-e686c284fd48
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a083cd542f30fb49b1f4a772c0402c5a
last-modified
Fri, 23 Dec 2022 13:06:30 GMT
server
AmazonS3
etag
W/"a8b5b5e1efde3da4b586add66e96bbf9"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
4e687c88c5680164933103bf256fc745c23cf0803f53c7b580599cbaa67a0e96
x-amz-cf-id
5e2LcPuhKQH6C6eqv1maV0sltKqWVey6_NW08IRnFMBtClrvs-3NcA==
sync
spadsync.com/ 		0
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spadsync.com/sync?snowflake=a4e54a80-9bec-45fd-bea9-377420a611fe7174&sspid=Onp&ssphost=newspaper24hr.com
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.61.23 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-61-23.eu-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newspaper24hr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newspaper24hr.com
date
Sun, 25 Dec 2022 12:02:57 GMT
server
openresty
prebid
id5-sync.com/api/config/ 		135 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
0b47ec96c472c2aa059fede00c7611d73a993fcda0b6c18d50778e6b7371bb33
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://newspaper24hr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newspaper24hr.com
date
Sun, 25 Dec 2022 12:02:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 11:35:08 GMT
content-encoding
gzip
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront), 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 18:13:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-C2
age
1670
x-amz-server-side-encryption
AES256
etag
W/"01691be6486b0003601b7299d35deebf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
xixf01n_KXK9sM9igyuzrlf20RD1DWs_EKz2sktSM_fKQ3MbkFSlHA==
/
pro.ip-api.com/json/ 		39 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=status,message,countryCode&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibots.in
URL: https://cdn.unibots.in/headerbidding/common/hb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
eb3a0b1cf44ea9ee81a7ce04b2770c7484a35ad54e15f415e51004b01e6e834f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Dec 2022 12:02:57 GMT
Content-Length
39
Content-Type
application/json; charset=utf-8
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
c187e74b2e6438a570aac7fd78fa80c8002ec7bf959dda3bf441d9d1f0875697
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://newspaper24hr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newspaper24hr.com
date
Sun, 25 Dec 2022 12:02:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0468c0b0114ec41ecb191a223b6d0174686dc948a1a68b28e26ddf63f0cc801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49499
x-xss-protection
0
server
cafe
etag
5706511302686031189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:02:57 GMT
21928950349
fundingchoicesmessages.google.com/i/ 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/21928950349?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f73b49765455453b637de853a1bbbb8f8dd72485cab3c4f46643d88178fb3503
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DI7tPTSuPZH2xvwwtf2S0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:57 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-DI7tPTSuPZH2xvwwtf2S0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnewspaper24hr.com&pubid=8282b9c6-324d-4939-b1ea-958d67a9e637
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 08:01:38 GMT
via
1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
14478
x-cache
Hit from cloudfront
access-control-allow-origin
https://newspaper24hr.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
K1PXZEt4iQiFyenkUMRFzA42W3l_jYHRI7G1ujNkxgJAvGuYYOObmQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnewspaper24hr.com%2F&pid=9YAwYgJS7UpUx&cb=0&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1671189523315-0%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_desktop_siderail_300x600%22%7D%2C%7B%22sd%22%3A%22ub-anchor%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_desktop_anchor_728x90_970x90%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1671188421448-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_desktop_header_728x90%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1671188451343-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_desktop_siderail_300x250_336x280%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1671188572416-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_inarticle1_336x280%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1671188640668-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_inarticle2_336x280%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1671188680488-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_inarticle3_336x280%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1671188712084-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_inarticle4_336x280%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1671188743121-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_inarticle5_336x280%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1671188938393-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_inarticle6_336x280%22%7D%2C%7B%22sd%22%3A%22ub-popup%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21928950349%2C22801623627%2Fnewspaper24_popup_300x250_300x600%22%7D%5D&schain=1.0%2C1!unibots.in%2C569%2C1%2C%2C%2C&pubid=8282b9c6-324d-4939-b1ea-958d67a9e637&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.121.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-121-86.bud50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 eb9781eaf534229bf5ad50a1b819581a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BUD50-C1
x-amz-rid
KRAR2GSWDM25Z7MFCQJY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://newspaper24hr.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ircBckoZsiGggCUb9VwspfPM-DfG6cYkOVQkGU0UD4QeZ5toqdssXw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
date
Sun, 25 Dec 2022 01:29:50 GMT
x-amz-cf-pop
FRA56-C2
age
39376
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
vHSFZa-yT9gq6WbiaqVl3B-KQb0cP5q5GvBGHJig3k3cQvhLp4rdWQ==
438.json
id5-sync.com/g/v2/ 		216 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/438.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
50ff87739edea54878c17d0aa2867138a441a1db736c9e02e097e3e353c9e5b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://newspaper24hr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newspaper24hr.com
date
Sun, 25 Dec 2022 12:02:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://newspaper24hr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://newspaper24hr.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
arj
unibots-d.openx.net/w/1.0/ 		73 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://unibots-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnewspaper24hr.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=04c2f3e4-039d-41bf-ac79-0a12232c1b44%2Cb4c348ba-15b7-4af6-8a00-6906037d8bac%2C00395263-fb5b-4867-81a6-f5ba114b2700%2C9abd0c7e-06ea-45da-bd16-f444576a3e77%2Ceafd342b-34c0-405f-baff-416aed7271c5%2Cbce9ee74-0ad9-408d-bf5d-bf9e0cc73095%2C90bfb420-a5e0-4388-8c42-56ed90d07cb3%2C082cba6a-ad36-46d2-a7ce-99ffc068317e%2C57e6773a-ba1e-43ec-adca-79cf5f2a81da%2Ccfa4994c-f37b-46b7-a97f-ac8e56f75f55&nocache=1671969777434&id5id=0&novatiqid=a4e54a80-9bec-45fd-bea9-377420a611fe7174&schain=1.0%2C1!unibots.in%2C569%2C1%2C%2C%2C!152media.info%2C152M49%2C1%2C%2C%2C!pubmatic.com%2C159939%2C1%2C%2C%2C!appnexus.com%2C11798%2C1%2C%2C%2C!onetag.com%2C60c32c42465aac2%2C1%2C%2C%2C!openx.com%2C541212869%2C1%2C%2C%2C!rubiconproject.com%2C23976%2C1%2C%2C%2C&aus=300x600%7C728x90%2C970x90%7C728x90%7C300x250%2C336x280%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250&divids=%252F21928950349%252C22801623627%252Fnewspaper24_desktop_siderail_300x600%2C%252F21928950349%252C22801623627%252Fnewspaper24_desktop_anchor_728x90_970x90%2C%252F21928950349%252C22801623627%252Fnewspaper24_desktop_header_728x90%2C%252F21928950349%252C22801623627%252Fnewspaper24_desktop_siderail_300x250_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle1_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle2_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle3_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle4_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle5_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle6_336x280&aucs=%252F21928950349%252C22801623627%252Fnewspaper24_desktop_siderail_300x600%2C%252F21928950349%252C22801623627%252Fnewspaper24_desktop_anchor_728x90_970x90%2C%252F21928950349%252C22801623627%252Fnewspaper24_desktop_header_728x90%2C%252F21928950349%252C22801623627%252Fnewspaper24_desktop_siderail_300x250_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle1_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle2_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle3_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle4_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle5_336x280%2C%252F21928950349%252C22801623627%252Fnewspaper24_inarticle6_336x280&auid=558602974%2C558602972%2C557951072%2C558602973%2C558602977%2C558602979%2C558602980%2C558602981%2C558602982%2C558602983
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
102a130fabc5d6f984a7a366a00ea03e22702b2164de2c4a9ed5689b80ed56d1

Request headers

Referer
https://newspaper24hr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:02:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newspaper24hr.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23976&site_id=400078&zone_id=2693882&size_id=10%3B2%3B2%3B15%3B15%3B15%3B15%3B15%3B15%3B15&alt_size_ids=%3B55%3B%3B16%3B16%3B16%3B16%3B16%3B16%3B16&rp_schain=1.0,1!unibots.in,569,1,,,!152media.info,152M49,1,,,!pubmatic.com,159939,1,,,!appnexus.com,11798,1,,,!onetag.com,60c32c42465aac2,1,,,!openx.com,541212869,1,,,!rubiconproject.com,23976,1,,,&eid_id5-sync.com=0%5E1%5E&eid_novatiq.com=a4e54a80-9bec-45fd-bea9-377420a611fe7174%5E1&rf=https%3A%2F%2Fnewspaper24hr.com%2F&tg_i.page=https%3A%2F%2Fnewspaper24hr.com%2F&tg_i.domain=newspaper24hr.com&tg_i.pbadslot=%2F21928950349%2C22801623627%2Fnewspaper24_desktop_siderail_300x600%3B%2F21928950349%2C22801623627%2Fnewspaper24_desktop_anchor_728x90_970x90%3B%2F21928950349%2C22801623627%2Fnewspaper24_desktop_header_728x90%3B%2F21928950349%2C22801623627%2Fnewspaper24_desktop_siderail_300x250_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle1_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle2_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle3_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle4_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle5_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle6_336x280&tk_flint=ubpbjs_lite_v7.26.0&x_source.tid=04c2f3e4-039d-41bf-ac79-0a12232c1b44%3Bb4c348ba-15b7-4af6-8a00-6906037d8bac%3B00395263-fb5b-4867-81a6-f5ba114b2700%3B9abd0c7e-06ea-45da-bd16-f444576a3e77%3Beafd342b-34c0-405f-baff-416aed7271c5%3Bbce9ee74-0ad9-408d-bf5d-bf9e0cc73095%3B90bfb420-a5e0-4388-8c42-56ed90d07cb3%3B082cba6a-ad36-46d2-a7ce-99ffc068317e%3B57e6773a-ba1e-43ec-adca-79cf5f2a81da%3Bcfa4994c-f37b-46b7-a97f-ac8e56f75f55&l_pb_bid_id=248793b92b19161%3B255a0793f24bb8b%3B26f7dc60549048a%3B27cbc24ccc33d37%3B285d635d3810c23%3B293be1a52667f4f%3B30131cf0eb3c777%3B31f9fcb3a203e42%3B32efeee80a1dbc1%3B338e5c47309c2f5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21928950349%2C22801623627%2Fnewspaper24_desktop_siderail_300x600%3B%2F21928950349%2C22801623627%2Fnewspaper24_desktop_anchor_728x90_970x90%3B%2F21928950349%2C22801623627%2Fnewspaper24_desktop_header_728x90%3B%2F21928950349%2C22801623627%2Fnewspaper24_desktop_siderail_300x250_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle1_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle2_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle3_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle4_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle5_336x280%3B%2F21928950349%2C22801623627%2Fnewspaper24_inarticle6_336x280&slots=10&rand=0.2962608989633615
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
35eb0b2912c54d8ef37642a837a9790be9575671ce45c146c8a4e62646bee406

Request headers

Referer
https://newspaper24hr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:02:57 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newspaper24hr.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newspaper24hr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newspaper24hr.com
date
Sun, 25 Dec 2022 12:02:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
AGSKWxUqLabB1k-7gp-KYr_ggyIjYSOXxXWRse2fdnbP1SmqYnx2N2Ds84c4W1LwU3Tik0sjJZavEUxf0v-zhCDmplw=
fundingchoicesmessages.google.com/f/ 		796 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUqLabB1k-7gp-KYr_ggyIjYSOXxXWRse2fdnbP1SmqYnx2N2Ds84c4W1LwU3Tik0sjJZavEUxf0v-zhCDmplw=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxOTY5Nzc3LDQ5OTAwMDAwMF0sIkZCNjU3NTQ2LUI4M0ItNDY1QS05OUU1LTk0QkVEM0QwNUZFOSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vbmV3c3BhcGVyMjRoci5jb20vIixudWxsLFtbOCwiZEVSRXJQREtiVHMiXSxbOSwibmwiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.dERErPDKbTs.es5.O/d=1/rs=AJlcJMwFSiVyHRckoTNlSIqzsnV2mJnKOg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ce0566d34002a342a1075f76bc5af582d73c084aad1c6eb00e91ee05657dd4c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vcx__vjKyvAWNeu1NLYv8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:02:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-vcx__vjKyvAWNeu1NLYv8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		60 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.dERErPDKbTs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwFSiVyHRckoTNlSIqzsnV2mJnKOg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a80933c717cce51df2b59fc76f4f3e81892fd743f4bff7945e8ec353ed32c649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Dec 2022 12:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Dec 2022 12:02:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Dec 2022 12:02:57 GMT
KtdheKI4XHwjgVeFpRzFteO1v2RaKWtkqb8xNwU3N2iMxMFjJSenYR0sdi79vWeBthyyhjKa7Q4i3Zhmsf8gtD6tboB53oxD3jjvqKjcBp4-6Hrh_aUC=h60
lh3.googleusercontent.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/KtdheKI4XHwjgVeFpRzFteO1v2RaKWtkqb8xNwU3N2iMxMFjJSenYR0sdi79vWeBthyyhjKa7Q4i3Zhmsf8gtD6tboB53oxD3jjvqKjcBp4-6Hrh_aUC=h60
Requested by
Host: newspaper24hr.com
URL: https://newspaper24hr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8bb85613c5e5839de7b1db14e8dcf8ac1b3103fb3d8164b409d255ece76314d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://newspaper24hr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 10:49:11 GMT
x-content-type-options
nosniff
age
4426
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9855
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 13 Dec 2022 00:53:50 GMT
AGSKWxXEr9EFINXeraFr27_UHjPjOcKrwuGjZiaqFhRxth7yWExYZ-35meccmaFn7Z1LAQh90iFkWAmb4Ml4yldmTGxkovVsycocpLXm6Guv5Kd1j8KVIS8u6ZAD0l4TrhLEGhYq6Fo75A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXEr9EFINXeraFr27_UHjPjOcKrwuGjZiaqFhRxth7yWExYZ-35meccmaFn7Z1LAQh90iFkWAmb4Ml4yldmTGxkovVsycocpLXm6Guv5Kd1j8KVIS8u6ZAD0l4TrhLEGhYq6Fo75A==?dmid=89a5bb3082f6f999
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.dERErPDKbTs.es5.O/d=1/rs=AJlcJMwFSiVyHRckoTNlSIqzsnV2mJnKOg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ns91IUPgIh0uXoCHQAOptw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newspaper24hr.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Dec 2022 12:02:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-Ns91IUPgIh0uXoCHQAOptw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://newspaper24hr.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newspaper24hr.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 05:06:38 GMT
x-content-type-options
nosniff
age
197780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128352
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 05:06:38 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newspaper24hr.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 18:50:24 GMT
x-content-type-options
nosniff
age
493954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 18:50:24 GMT
admin-ajax.php
newspaper24hr.com/wp-admin/ 		0
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newspaper24hr.com/wp-admin/admin-ajax.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://newspaper24hr.com/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 25 Dec 2022 12:02:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://newspaper24hr.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QytYE00wHX9hMzBjwvgX%2BwgABXUhnhJS0F7VksYsuD4dNYqtgQ5VpLHVDPupwpzNVZE3T%2BpqnMWmfqX%2BAAdkMTbF7D%2FfzbBM0S5qmRKkfVJ6cfz5wT8ATT1SE7%2Fl2is6ywW70HLkLUOxOcpTjoHxBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
77f16e51dff39b58-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame E526 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://newspaper24hr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Dec 2022 12:03:01 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C87 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://newspaper24hr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23056
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 25 Dec 2022 12:03:01 GMT
expires
Sun, 25 Dec 2022 18:27:17 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 3CBF 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newspaper24hr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 25 Dec 2022 12:03:01 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame B481 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1671969777532
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://newspaper24hr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.js
eus.rubiconproject.com/ Frame E526 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc86d55a194928bdc42584b7b317ba3f5b8e8b7f634d4c03c7013e0c8364a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sun, 25 Dec 2022 12:03:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 25 Dec 2022 01:35:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48683
Connection
keep-alive
Content-Length
10067
Expires
Mon, 26 Dec 2022 01:34:24 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9C87 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82307534&p=159448&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8b881f2e23fa49d836945348f90e4c30aa5191f7905733ffcfde0c7712e3f0b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 25 Dec 2022 12:03:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 0A63
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8cec63a8-3bf6-4100-85c7-d2444d01e86a&gdpr=0&gdpr_consent=
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8cec63a8-3bf6-4100-85c7-d2444d01e86a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 25 Dec 2022 12:03:02 GMT
Expires
Sun, 25 Dec 2022 12:03:01 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master cdg-pixel-x27 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8cec63a8-3bf6-4100-85c7-d2444d01e86a&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 8A39
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6265717200977266810
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6265717200977266810
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6265717200977266810
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame FB84 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 25 Dec 2022 12:03:01 GMT
expires
Sun, 25 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
714690
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame A47D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 25 Dec 2022 12:03:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
454QY9Q2AYC365RS7A53

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 25 Dec 2022 12:03:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VHREJEFCR8Y79CRJG631
Pug
simage2.pubmatic.com/AdServer/ Frame 7063
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=337096570404000196&gdpr=0&gdpr_consent=
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=337096570404000196&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
933479bd-3c37-4fb4-b3aa-a056165dfc82
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 25 Dec 2022 12:03:02 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=337096570404000196&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
37.48.94.41; 37.48.94.41; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 8284
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qHeHz60mgMGzcN_Hq33Lkv0h0MCzcIfAqSKPy3sx
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qHeHz60mgMGzcN_Hq33Lkv0h0MCzcIfAqSKPy3sx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 25 Dec 2022 12:03:02 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qHeHz60mgMGzcN_Hq33Lkv0h0MCzcIfAqSKPy3sx
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 8CF6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181055533596866711&gdpr=0&gdpr_consent=
42 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181055533596866711&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 25 Dec 2022 12:03:02 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7181055533596866711&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 3341
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NvogOTSsSAtvTRPptEaVGCUwXik
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NvogOTSsSAtvTRPptEaVGCUwXik
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sun, 25 Dec 2022 12:03:02 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=NvogOTSsSAtvTRPptEaVGCUwXik
rtset
bh.contextweb.com/bh/ Frame 261C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHQVVVN0hVSGdBQUNCM1hCWm94UQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGAUU7HUHgAACB3XBZoxQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ir2UarrQSNGUOirMUDeMww%3D%3D&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ir2UarrQSNGUOirMUDeMww%3D%3D&gdpr=0&gdpr_consent=&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
2.18.36.193 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:03:02 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=23055
accept-ranges
bytes
content-length
5554
expires
Sun, 25 Dec 2022 18:27:17 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9C87 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=8ABD946A-BAD0-48D1-943A-2ACC50378CC3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:03:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77f16e635f009110-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 9C87 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.183.227 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.123
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 9C87
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1212448926
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1212448926
Protocol
H3
Server
34.111.129.221 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
via
1.1 google
last-modified
Sun, 25 Dec 2022 12:03:02 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
via
1.1 google
last-modified
Sun, 25 Dec 2022 12:03:02 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1212448926
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9C87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEFCRDk0NkEtQkFEMC00OEQxLTk0M0EtMkFDQzUwMzc4Q0Mz&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEFCRDk0NkEtQkFEMC00OEQxLTk0M0EtMkFDQzUwMzc4Q0Mz&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9C87
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMPlUl06S2NGtG5ejcfH8no&google_cver=1
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMPlUl06S2NGtG5ejcfH8no&google_cver=1
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMPlUl06S2NGtG5ejcfH8no&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 9C87 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:03:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 24 Dec 2022 12:03:02 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9C87 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9C87
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6074804525334365013
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6074804525334365013
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6074804525334365013
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
8ABD946A-BAD0-48D1-943A-2ACC50378CC3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9C87 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8ABD946A-BAD0-48D1-943A-2ACC50378CC3?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:b7dd:4922:54:1ebd -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:03:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 9C87
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ST_2lnlE2uXIbZsnc.Vh0J120FfSrzk-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ST_2lnlE2uXIbZsnc.Vh0J120FfSrzk-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 12:03:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ST_2lnlE2uXIbZsnc.Vh0J120FfSrzk-~A&gdpr=0&gdpr_consent=
date
Sun, 25 Dec 2022 12:03:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9C87
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c385c90c-44b4-44e2-8299-4034357b1b10
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c385c90c-44b4-44e2-8299-4034357b1b10
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=6448d29f-fae0-4202-ae25-3f43c9b6380f&ssp=pubmatic&expires=30&user_group=5&bsw_param=c385c90c-44b4-44e2-8299-4034357b1b10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c385c90c-44b4-44e2-8299-4034357b1b10&gdpr=&gdpr_consent=&gdpr_pd=
1 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c385c90c-44b4-44e2-8299-4034357b1b10&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c385c90c-44b4-44e2-8299-4034357b1b10&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 25 Dec 2022 12:03:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9C87 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9C87 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 25 Dec 2022 12:03:01 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9C87
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e90155b4-24bf-45d6-9247-470a9f837d3e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e90155b4-24bf-45d6-9247-470a9f837d3e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 25 Dec 2022 12:03:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e90155b4-24bf-45d6-9247-470a9f837d3e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 25 Dec 2022 12:03:02 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
rubicon
match.adsrvr.org/track/cmf/ Frame E526 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
token
pixel.rubiconproject.com/ Frame E526
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0yP6HVlJRu2xGXPaNIuTDQ&rk=usync-other
0
0
pixel
cm.g.doubleclick.net/ Frame E526
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMzQk1XWlotMTUtNk1UVg==&us_privacy=1---
0
0
tap.php
pixel.rubiconproject.com/ Frame E526
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHv2tjMCc0rf4ETCiGc4Q0M&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHv2tjMCc0rf4ETCiGc4Q0M&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 25 Dec 2022 12:03:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHv2tjMCc0rf4ETCiGc4Q0M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E526 		0
0
pixel
cm.g.doubleclick.net/ Frame E526
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDllZDViNjAzZDk0MTc1NzdkZWU5MWQ0MTRlMTVkYTk2NjE2YTJjOQ&us_privacy=1---
0
0
setuid
px.ads.linkedin.com/ Frame E526
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC3BMWZZ-15-6MTV&us_privacy=1---
0
0
Ndns3IedR5urIZ17sSD7Asn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame E526
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Ndns3IedR5urIZ17sSD7Asn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGAUU7HUHgAACB3XBZoxQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0yP6HVlJRu2xGXPaNIuTDQ&rk=usync-other
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMzQk1XWlotMTUtNk1UVg==&us_privacy=1---
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDllZDViNjAzZDk0MTc1NzdkZWU5MWQ0MTRlMTVkYTk2NjE2YTJjOQ&us_privacy=1---
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC3BMWZZ-15-6MTV&us_privacy=1---
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/Ndns3IedR5urIZ17sSD7Asn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontentvisibilityautostatechange function| gtag object| dataLayer object| tie object| unibotshb function| $ function| jQuery function| detectIE object| $doc object| $window object| $html object| $body object| $themeHeader object| $the_post object| $wrapper object| $container object| $postContent string| is_Lazy boolean| is_RTL string| fixedDesktop string| fixedMobile string| userAgent boolean| isDuringAjax boolean| megaMenuAjax number| intialWidth boolean| adBlock object| Modernizr boolean| mCustomScrollbar object| jQuery191034950844190907127 function| TieSticky object| browserPrefixes object| AOS object| swv object| wpcf7 function| runCMDHB function| ubHB function| startFuncHB object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7_recaptcha function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active number| ai_sticky_delay function| ai_process_sticky_elements function| MobileDetect boolean| ai_tracking_finished boolean| ai_js_code object| php_js function| ai_process_lists function| ai_close_block function| ai_install_close_buttons number| ai_close_button_delay function| ai_process_ip_addresses function| ai_install_standard_click_trackers function| ai_install_click_trackers function| ai_process_impressions object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_822344 string| ai_main_content_element object| element object| gaplugins object| gaData object| unibots boolean| UBP_DEBUG function| mobileCheck string| clientDomain string| clientActualDomain function| runCMD function| unibotsLog function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| unibotsPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs boolean| blockedPagesFlag function| initFunctionHB string| mybotgabywa object| ub_ga object| oldScript object| attr object| ubpbjsChunk object| ubpbjs object| _ubpbjsGlobals string| nobidVersion object| nobid object| googletag object| ggeac object| google_js_reporting_queue function| ready function| targetDiv function| targetHeader1 function| targetHeader3 object| ubclarityUrls object| ub_x1 object| ub_x2 object| ub_excludeCategory object| ub_excludeHomepage object| ub_includeCategory object| ub_includeHomepage object| ub_categoryExcludeChecked object| ub_categoryIncludeChecked object| ub_anchor object| ub_popup object| apstag function| a0_0x3fdf function| a0_0x42e1 undefined| google_measure_js_timing boolean| apstagLOADED object| default_ContributorServingResponseClientJs object| __googlefc object| googlefc string| __fcInvoked string| __fcexpdef string| Njc2NzVlMjIzNWZkZjg2OGxvYWRlcl9qcw== string| Njc2NzVlMjIzNWZkZjg2OGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager number| ai_delay_tracking object| ai_check_data object| ai_cookie function| arrive function| unbindArrive function| leave function| unbindLeave

12 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJ4Tk-5Lh-730dL3pf1UdkwAlYFzk12dHBJyWj2eRl-4v_Na32_DYK0eLghLw_QY45jmr8Y5q8ei3S8LXMPX2n8
.newspaper24hr.com/ Name: _ga_PX3PZ6Q9RG
Value: GS1.1.1671969776.1.0.1671969776.60.0.0
.newspaper24hr.com/ Name: _gid
Value: GA1.2.1420945115.1671969776
.newspaper24hr.com/ Name: _gat_gtag_UA_189072159_7
Value: 1
.newspaper24hr.com/ Name: _ga_LMZRVE8HGJ
Value: GS1.1.1671969776.1.0.1671969776.0.0.0
.newspaper24hr.com/ Name: _ga
Value: GA1.1.1453853494.1671969776
newspaper24hr.com/ Name: _ubpbjs_userid_consent_data
Value: 3524755945110770
.newspaper24hr.com/ Name: _pubcid
Value: 2104aad3-df7b-459f-b552-721f77717489
newspaper24hr.com/ Name: id5id.1st
Value: %7B%22created_at%22%3A%222022-12-25T12%3A02%3A57.403516955Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
newspaper24hr.com/ Name: id5id.1st_last
Value: Sun%2C%2025%20Dec%202022%2012%3A02%3A57%20GMT
.rubiconproject.com/ Name: khaos
Value: LC3BMWZZ-15-6MTV
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0h8UmCx1hO6uXUadRsMXL7tE4q61KpmVnEX6pakvgue5Bck1Ri0kVoReFelSsiTpTxFs5K6RfyZOBxGCOXoSK1Q7AzVxZmNTjc6UO785F0Pw==

1 Console Messages

Source Level URL
Text
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8ABD946A-BAD0-48D1-943A-2ACC50378CC3&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ads.creative-serving.com
ads.pubmatic.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn.jsdelivr.net
cdn.unblockia.com
cdn.unibots.in
cdn.unibotscdn.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
cr.frontend.weborama.fr
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
lh3.googleusercontent.com
match.adsby.bidtheatre.com
match.adsrvr.org
mwzeom.zeotap.com
newspaper24hr.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pro.ip-api.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spadsync.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
u.openx.net
um.simpli.fi
unibots-d.openx.net
ups.analytics.yahoo.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
bh.contextweb.com
cm.g.doubleclick.net
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
13.32.28.197
138.199.36.10
141.95.98.64
142.250.185.66
159.65.196.12
178.250.2.151
185.29.134.248
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.89.210.153
2.18.36.193
2001:4860:4802:34::36
2001:4860:4802:38::178
213.155.156.168
23.64.52.128
2600:9000:225e:fc00:12:abfb:9280:93a1
2602:803:c004:200::140
2606:4700:10::ac43:db6
2606:4700::6810:5814
2606:4700::6811:180e
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:808::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200e
2a00:1450:400c:c0c::9a
2a00:1450:400d:802::2001
2a00:1450:400d:802::2008
2a00:1450:400d:804::2002
2a00:1450:400d:807::200a
2a00:1450:400d:808::2002
2a00:1450:400d:80d::2004
2a02:fa8:8806:13::1370
2a05:d018:d29:3605:b7dd:4922:54:1ebd
2a06:98c1:3121::3
3.11.61.23
3.122.66.11
3.126.56.137
3.67.148.215
34.111.129.221
35.204.158.49
35.244.159.8
35.71.131.137
37.157.3.20
51.38.120.206
51.77.64.70
52.213.183.227
52.85.121.86
54.243.58.43
67.220.228.203
69.173.144.139
85.114.159.118
89.187.169.3
98.98.134.241
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b47ec96c472c2aa059fede00c7611d73a993fcda0b6c18d50778e6b7371bb33
102a130fabc5d6f984a7a366a00ea03e22702b2164de2c4a9ed5689b80ed56d1
1173ba777b3e4488d4cdf527504532f00ec8f63ed41df67f27ab647b9aed3aaf
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a3f417d7d9af45ab60444c65553c70e16f65174fbf2a2ed88ad790715a3093d
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1ce0566d34002a342a1075f76bc5af582d73c084aad1c6eb00e91ee05657dd4c
239d7995cbdb7a291cc0c4c38507d26a03579c24b07b63c9975d9bb7b19b181f
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
2456b1d45a2509aed4032ad6f95a368f9b0202db240666b6b798728c8d0205db
24e483cf79c921bb269b9979c7ef21d99d37355abce860d4335ccd1140b2e5e6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
35eb0b2912c54d8ef37642a837a9790be9575671ce45c146c8a4e62646bee406
380a4b053e7400fac04dbcf92b3ddb156e2cb786f37f8cfcc20be111581bf811
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e5fe3d9f3103e880a68f6ce8ab0d505eea2b6ea38daf1b873304cb6f837cbe4
3e8e7aedea52f632ed3a1dfc7fe052da1003344896a4412ec7686827a7f7293c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4234c8d55104f2d3be250bcfc0a9e3cf8f4bb26381dc5c9ac01dd9054df556f8
4428006304292533e2555ee27c9ec8f76a87f7621f050c717e44bc856ceb68e8
489003db4fbeb42106a1b5f26f9e232cefcb6e40f53c0401813aaae21edd12aa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ff87739edea54878c17d0aa2867138a441a1db736c9e02e097e3e353c9e5b5
557506851199f3c143645f829af47c11b2f98604ba89934362699df6ab1a753f
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b3d696c5bf52a2c0c89592cc816ddf75d697be93793388dea7debb5d79e9b55
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
666f361cf3679b5681fc4d9d4c15214aa5b81649c0197f0e6ceff79bef13b03a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd3d9e1620710f847284e7c592281e2b252a82d7e14fe9cc3811ba27581b9d8
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
848e50546f9feb30920ac53dcd70d46e36ca7d060b90b437833fa2d9a2ae37c7
867ce49f14ef2fb0cad46608ca0cc05bfb437d71457563b71e522e0dd66b5905
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8bb85613c5e5839de7b1db14e8dcf8ac1b3103fb3d8164b409d255ece76314d3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dce640d375f810a7e9695ec1c638beebfba1789f4ef6ca2a2254539717de409
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
a2fc86d55a194928bdc42584b7b317ba3f5b8e8b7f634d4c03c7013e0c8364a5
a53b1393dac844555455b387432b2401f003c826ae2f226f1360ccecae8a774c
a579042c36199d8bd54cdfd46465f39fc147fa9d84db396bddf0ca4a3e7cb4f7
a80933c717cce51df2b59fc76f4f3e81892fd743f4bff7945e8ec353ed32c649
aca66d64923c40c3e214b48960e205193496bf882763c8e45f0b2a1fc907a981
af038ef0100222c016b742ab226a79132e6fba3c4ba96668a078f35bcc1870ad
af6d52f31d6e209c5338234fbc12a936f290652f0df7769534f780b98f118f2f
b155b9882e08f1bea77d45dcb9432c0b70bcd39464f29d58833b2e65ab2a1bce
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb186c331c443b3d4152bc07f91c1d0595f1f0d10303774bbe30454124c87f91
bd52935511fa927b511d5379a8de2c82f50bd68dfbb30a2a30f7d02456340673
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c187e74b2e6438a570aac7fd78fa80c8002ec7bf959dda3bf441d9d1f0875697
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
cc5382bb945da1c30c0696c156e53dd7edb352f813b9c0477d6a90bc074cb9ce
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0dbc85cf3f26fd439ac581c0d779df96bccf4c628b54d96ce1d058092205770
d3e964425ce91482c1a2d1d995b57d9753cc95b34c1df430bd30c53296b31f8a
d6e1feb298b77d45c6250074b727338544625f8116147699e082fbaa9c2fb127
dfa2493d99c2b2cc53b8fad45d32331b4bf5cd4aff9845a675a9ede4b751632a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3a0b1cf44ea9ee81a7ce04b2770c7484a35ad54e15f415e51004b01e6e834f
ee251ef9ee193fc016b4005fb344d430bd47b6f3bf77f0e74d60e4dfacc0e055
ef0a3f1e274da89f34f4ae7640b2cb4b6858b474cf39568887decd99834212c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0468c0b0114ec41ecb191a223b6d0174686dc948a1a68b28e26ddf63f0cc801
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f42d85744f918a245e7c6fa3f743f211ed8aed3905c0a981b26d8a346ddecc94
f73b49765455453b637de853a1bbbb8f8dd72485cab3c4f46643d88178fb3503
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700
f893626901db2901f0060345d43dabeee270c6e830556f9342cfdbcb7ad3ceae
f8b881f2e23fa49d836945348f90e4c30aa5191f7905733ffcfde0c7712e3f0b
fad48b3ed4bbe8d834a2546a0a5513b8900bef508fa1469ed2d6f895cf78b741
fb6040f85f5e91a4d1467a6d581cca48b3c235b16c975f00c5067f296a60079f