three.newclickmobile.com Open in urlscan Pro
47.75.93.161 Public Scan

URL:
http://three.newclickmobile.com/
Submission: On May 23 via manual (May 23rd 2019, 11:17:27 am UTC) from GB

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 18 domains to perform 33 HTTP transactions. The main IP is 47.75.93.161, located in Hangzhou, China and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN. The main domain is three.newclickmobile.com.

This is the only time three.newclickmobile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	47.75.93.161 47.75.93.161	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	213.244.178.209 213.244.178.209	3356 (LEVEL3) (LEVEL3 - Level 3 Parent)
3	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.120.64 151.101.120.64	54113 (FASTLY) (FASTLY - Fastly)
1	192.0.72.28 192.0.72.28	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
5	2a02:26f0:6c0... 2a02:26f0:6c00:18d::3134	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	13.35.253.86 13.35.253.86	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2be::2392	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:818::2010	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2.16.186.51 2.16.186.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
33	19

1 47.75.93.161 (Hangzhou, China)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

three.newclickmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.244.178.209 (United Kingdom)

ASN3356 (LEVEL3 - Level 3 Parent, LLC, US)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.120.64 (Paris, France)

ASN54113 (FASTLY - Fastly, US)

img.bleacherreport.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.28 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

cnnespanol2.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:18d::3134 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.cnn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dynaimage.cdn.cnn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.35.253.86 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-86.fra6.r.cloudfront.net

s.abcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2be::2392 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

www.aljazeera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.2 (United States)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.51 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	abcnews.com s.abcnews.com	358 KB
5	cnn.com cdn.cnn.com dynaimage.cdn.cnn.com	622 KB
4	googlesyndication.com pagead2.googlesyndication.com	188 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
2	doubleclick.net googleads.g.doubleclick.net
2	taboola.com cdn.taboola.com	125 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	googleapis.com storage.googleapis.com	1 MB
1	aljazeera.com www.aljazeera.com	122 KB
1	wordpress.com cnnespanol2.files.wordpress.com	371 KB
1	bleacherreport.net img.bleacherreport.net	60 KB
1	staticfile.org cdn.staticfile.org	10 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	19 KB
1	jquery.com code.jquery.com	33 KB
1	newclickmobile.com three.newclickmobile.com	6 KB
0	cnzz.com Failed s5.cnzz.com Failed
33	18

	Domain	Requested by
6	s.abcnews.com	three.newclickmobile.com
4	cdn.cnn.com	three.newclickmobile.com
4	pagead2.googlesyndication.com	three.newclickmobile.com pagead2.googlesyndication.com
3	b.scorecardresearch.com	1 redirects cdn.taboola.com three.newclickmobile.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.taboola.com	three.newclickmobile.com cdn.taboola.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	dynaimage.cdn.cnn.com	three.newclickmobile.com
1	storage.googleapis.com	three.newclickmobile.com
1	www.aljazeera.com	three.newclickmobile.com
1	cnnespanol2.files.wordpress.com	three.newclickmobile.com
1	img.bleacherreport.net	three.newclickmobile.com
1	cdn.staticfile.org	three.newclickmobile.com
1	maxcdn.bootstrapcdn.com	three.newclickmobile.com
1	code.jquery.com	three.newclickmobile.com
1	three.newclickmobile.com
0	s5.cnzz.com Failed	three.newclickmobile.com
33	19

This site contains no links.

Subject Issuer	Validity	Valid
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.staticfile.org GeoTrust RSA CA 2018	`2018-02-12` - `2020-09-19`	3 years	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-30` - `2020-12-02`	2 years	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
www.turner.com Sectigo RSA Organization Validation Secure Server CA	`2019-05-22` - `2020-09-03`	a year	crt.sh
s.abcnews.com Amazon	`2019-03-27` - `2020-04-27`	a year	crt.sh
aljazeera.net DigiCert SHA2 Secure Server CA	`2019-02-25` - `2020-02-25`	a year	crt.sh
*.storage.googleapis.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://three.newclickmobile.com/
Frame ID: 4444276FF4CB2FDE12B2F5B7980394A4
Requests: 30 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/show_ads_impl.js
Frame ID: 4E91F9B904A9B8D8A1932A37C80AD94F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190520/r20190131/zrt_lookup.html
Frame ID: 8051E892D0684714592FC06E8F1D33E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8637683382833088&output=html&h=50&slotname=2990010401&adk=1801607346&adf=3193654627&w=320&lmt=1558610214&guci=1.2.0.0.2.2.0.0&format=320x50&url=http%3A%2F%2Fthree.newclickmobile.com%2F&flash=0&wgl=1&adsid=NT&dt=1558610214338&bpp=19&bdt=1033&fdt=110&idt=110&shv=r20190520&cbv=r20190131&saldr=aa&abxe=1&correlator=4281642665269&frm=20&pv=2&ga_vid=2145039681.1558610214&ga_sid=1558610214&ga_hid=279573020&ga_fc=0&iag=0&icsg=32936&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.3e4hjrejiuvu&fsb=1&xpc=ajdqk2huHr&p=http%3A//three.newclickmobile.com&dtd=127
Frame ID: BE7BBF0E0106C60B49438B9080674417
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

33
Requests

70 %
HTTPS

50 %
IPv6

18
Domains

19
Subdomains

19
IPs

6
Countries

3184 kB
Transfer

4055 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9=

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
three.newclickmobile.com/ 23 KB
6 KB 870ms
274ms Document
text/html 47.75.93.161
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: http://three.newclickmobile.com/
Protocol: HTTP/1.1
Server: 47.75.93.161 Hangzhou, China, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx / PHP/7.0.31
Resource Hash: 38b58a7968c8deb03abee099c1630399a77b4aea43b6b5db6be29a59c4bcba87

Request headers

Host: three.newclickmobile.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Thu, 23 May 2019 11:16:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.0.31
Content-Encoding: gzip

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
code.jquery.com/ 93 KB
33 KB 58ms
25ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.7.2.min.js
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: HTTP/1.1
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 23 May 2019 11:16:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: W/"54499a47-17278"
Vary: Accept-Encoding
X-HW: 1558610213.dop032.lo4.t,1558610213.cds001.lo4.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33626

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
19 KB 28ms
26ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 11:16:53 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin: *
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 bootstrap.min.js Show response
cdn.staticfile.org/twitter-bootstrap/3.3.7/js/ 36 KB
10 KB 990ms
20ms Script
application/javascript 213.244.178.209
Level 3 Parent

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.244.178.209 , United Kingdom, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software: Tengine /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-encoding: gzip
age: 98058
status: 200
x-swift-cachetime: 86400
content-disposition: inline; filename="bootstrap.min.js"; filename*=utf-8' 'bootstrap.min.js
x-swift-savetime: Wed, 22 May 2019 22:58:05 GMT
x-m-reqid: ehUAABon55GM8qAV
x-m-log: QNM:xs461;QNM3/304
etag: "FkMKRD10gw_pvibvykMfRIwbN0D5.gz"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: s-maxage=86400, max-age=86400
x-qiniu-zone: 0
x-qnm-cache: Hit
eagleid: d5f4b28715586102143036488e
expires: Thu, 23 May 2019 08:02:36 GMT
x-log: redis.g;IO/304
date: Wed, 22 May 2019 08:02:36 GMT
via: cache2.l2de1[0,304-0,H], cache17.l2de1[1,0], cache5.nl1[0,200-0,H], cache7.nl1[1,0]
x-svr: IO
x-reqid: GRYAAELLYuZK64YV
x-cache: HIT TCP_MEM_HIT dirn:7:723653586
content-transfer-encoding: binary
content-length: 9861
last-modified: Wed, 26 Oct 2016 09:16:44 GMT
server: Tengine
access-control-max-age: 2592000
ali-swift-global-savetime: 1545928002
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 87 KB
33 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b54c97ab42060eb6ebda43132482318e71f557ac4befe3ff3c78300b7ed3ef14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 23 May 2019 11:16:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 13321759195849874267
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 33119
X-XSS-Protection: 0
Expires: Thu, 23 May 2019 11:16:53 GMT

GET
H/1.1 200
OK 4217edfed54c1e9f49d6d8e914e884d6_crop_exact.jpg
img.bleacherreport.net/img/images/photos/003/809/971/ 59 KB
60 KB 96ms
22ms Image
image/jpeg 151.101.120.64
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.bleacherreport.net/img/images/photos/003/809/971/4217edfed54c1e9f49d6d8e914e884d6_crop_exact.jpg?w=1200&h=1200&q=75
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.64 Paris, France, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.7.7 /
Resource Hash: e932fd79acaf82bc13e495a0a126a6c42986d3031d36c5ba9602aab8033e030a

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: rDR5XVZBdfucNYVJJGCC4ix.ywyMVVCN
Via: 1.1 varnish, 1.1 varnish
Age: 37566
x-amz-server-side-encryption: AES256
X-Cache: HIT, HIT
Date: Thu, 23 May 2019 11:16:53 GMT
X-Cache-Hits: 1, 157
Connection: keep-alive
Content-Length: 60892
x-amz-id-2: Owc3FOeXpEaBpqQByhZKSYba1Bxq0t/G15EtWsntZ274eJ2Kb5/A1K8mmMe7wkja2/d5skgU2HA=
X-Served-By: cache-iad2121-IAD, cache-cdg20770-CDG
Last-Modified: Thu, 23 May 2019 00:50:39 GMT
Server: nginx/1.7.7
X-Timer: S1558610213.390919,VS0,VE0
ETag: "fc648a3b28304d2ff9e69b8824f5d998"
x-amz-request-id: DC5D1C0C9895E383
Cache-Control: max-age=252460800
Accept-Ranges: bytes
Content-Type: image/jpeg
Expires: Sun, 11 Apr 2027 19:03:15 GMT

GET
H2 200 cnn-elefante-2.jpg
cnnespanol2.files.wordpress.com/2019/05/ 370 KB
371 KB 77ms
26ms Image
image/webp 192.0.72.28
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cnnespanol2.files.wordpress.com/2019/05/cnn-elefante-2.jpg?quality=100&strip=info
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e6a313624833f30bcfeeddacf715bc4a95802eb4495fd92362012bb82b546af

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Thu, 23 May 2019 11:16:53 GMT
last-modified: Thu, 23 May 2019 10:28:57 GMT
server: nginx
vary: Accept
content-type: image/webp
status: 200
x-orig-src: 0_imageresize
accept-ranges: bytes
content-length: 379058
expires: Thu, 27 Jun 2019 16:56:43 GMT

GET
H2 200 190522141154-trump-rose-garden-mobapp-super-tease.jpg
cdn.cnn.com/cnnnext/dam/assets/ 54 KB
55 KB 52ms
7ms Image
image/jpeg 2a02:26f0:6c00:18d::3134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cnn.com/cnnnext/dam/assets/190522141154-trump-rose-garden-mobapp-super-tease.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18d::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 04be25272fb448ecf8c686f53ecc524a919239152d9ead91e660a540ed8f9130

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 11:16:53 GMT
server: Apache-Coyote/1.1
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
status: 200
cache-control: max-age=3600
content-length: 55521
expires: Thu, 23 May 2019 12:16:53 GMT

GET
H2 200 190506110759-01-nyse-0506-super-tease.jpg
cdn.cnn.com/cnnnext/dam/assets/ 79 KB
79 KB 57ms
15ms Image
image/jpeg 2a02:26f0:6c00:18d::3134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cnn.com/cnnnext/dam/assets/190506110759-01-nyse-0506-super-tease.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18d::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: d37657d30a397c7ce4ba8c61dd6e5cdcb730defdbeb99038cb01ffe9eb8d3085

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 11:16:53 GMT
server: Apache-Coyote/1.1
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
status: 200
cache-control: max-age=3600
content-length: 80777
expires: Thu, 23 May 2019 12:16:53 GMT

GET
H2 200 WireAP_eeeb3ec2c7fd49238c5dff156d8901bf_16x9_992.jpg
s.abcnews.com/images/International/ 42 KB
42 KB 72ms
17ms Image
image/jpeg 13.35.253.86
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/International/WireAP_eeeb3ec2c7fd49238c5dff156d8901bf_16x9_992.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a9dca1ba100df39c84d76ccbe809258fd303ce9750167493941def122426674

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 10:47:39 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 04:06:12 GMT
server: AmazonS3
age: 1754
etag: "74e4e30264109d60656dcb94eeedf3df"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 42979
x-amz-cf-id: pB4M2Mpu3S2NiPi-ECo7toq7AD5rB-sNGLnsPL1WzfEpc4e_05ksww==

GET
H2 200 WireAP_79a8c39fa31744328447ff5e68704bf4_16x9_992.jpg
s.abcnews.com/images/International/ 89 KB
89 KB 84ms
33ms Image
image/jpeg 13.35.253.86
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/International/WireAP_79a8c39fa31744328447ff5e68704bf4_16x9_992.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a3e1966b1e59945bad3405d69328b467f22858fc67fe0105194b1098e0187de

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 10:47:44 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 10:29:22 GMT
server: AmazonS3
age: 1750
etag: "f7b276a854815a9e517cc9154a0c2c73"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 90757
x-amz-cf-id: yZFZZAZ1p37lQYVws_btJn-XxqITwGk89QjQf_KpEN58Zv0d1x4Hww==

GET
H2 200 WireAP_546cd06d763b4bf3b33c37bd97b29691_16x9_992.jpg
s.abcnews.com/images/Lifestyle/ 100 KB
101 KB 18ms
18ms Image
image/jpeg 13.35.253.86
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/Lifestyle/WireAP_546cd06d763b4bf3b33c37bd97b29691_16x9_992.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab4bc7f1b65781217170e4d8a64538df458fe3f909a6ad204e08c46ef8fc30ea

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 11:01:44 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 10:13:53 GMT
server: AmazonS3
age: 910
etag: "1d2775004cc1ca57f37f96b38f396c8f"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 102599
x-amz-cf-id: FGFHzEhoO-DObSYH9fSJQCPDdpH1WdxbdA04XmdqerRDniCYtLxQow==

GET
H2 200 WireAP_4d6abd639cd84111a1509cac89e5fabd_16x9_992.jpg
s.abcnews.com/images/Lifestyle/ 28 KB
28 KB 14ms
14ms Image
image/jpeg 13.35.253.86
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/Lifestyle/WireAP_4d6abd639cd84111a1509cac89e5fabd_16x9_992.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60478d5de4bd40fdd5b522def0612c3a782d9dbc1a811499ef05872dbdcee287

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 10:31:43 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 06:52:09 GMT
server: AmazonS3
age: 911
etag: "24869ed474e4dd4236025607e42ce0d8"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 28722
x-amz-cf-id: 4maRJjJpjZcQmYfCjs2qnmS4KK4P9Nw0HuobN4vvjuQ-QZ6QPClKJg==

GET
H2 200 WireAP_2440fc1c642944afaf73f014c713d62f_16x9_992.jpg
s.abcnews.com/images/International/ 32 KB
32 KB 14ms
14ms Image
image/jpeg 13.35.253.86
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/International/WireAP_2440fc1c642944afaf73f014c713d62f_16x9_992.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb7a8e3da8dbc0d6ba61520c230c3bd47c8a7a80cf564b08ca582c9f1e2ce509

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 10:31:16 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Wed, 22 May 2019 14:36:35 GMT
server: AmazonS3
age: 930
etag: "e0f6f1dc3221f98267fd7b4f396ab8a1"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 32930
x-amz-cf-id: 3pb-E1SgFm9fD72r9jRBfnK483IPmEsnlrX0NwMuNV7rFOgO1lp0dw==

GET
H2 200 190523110933-01-the-tiger-who-came-to-tea-file-super-tease.jpg
cdn.cnn.com/cnnnext/dam/assets/ 128 KB
128 KB 11ms
10ms Image
image/jpeg 2a02:26f0:6c00:18d::3134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cnn.com/cnnnext/dam/assets/190523110933-01-the-tiger-who-came-to-tea-file-super-tease.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18d::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 487804be6536ab047d8d8b9d4eca1e596376ee319da5144e5e9048e5ad01bb2c

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 11:16:53 GMT
server: Apache-Coyote/1.1
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
status: 200
cache-control: max-age=3600
content-length: 131109
expires: Thu, 23 May 2019 12:16:53 GMT

GET
H/1.1 200
OK 160cbe140682427c838e8c7a5634579f_18.jpg
www.aljazeera.com/mritems/Images/2019/5/23/ 122 KB
122 KB 95ms
13ms Image
image/jpeg 2a02:26f0:6c00:2be::2392
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aljazeera.com/mritems/Images/2019/5/23/160cbe140682427c838e8c7a5634579f_18.jpg

Requested by

Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:2be::2392 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / VSH-Z1-U2

Resource Hash

3b2ead1aa36610f84a1a8f425ffada183e3ecf1404f75377c0551a9fb0ac381e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 23 May 2019 11:16:53 GMT
X-Content-Type-Options: nosniff
X-Powered-By: VSH-Z1-U2
Connection: keep-alive
Publisher: Al Jazeera (ORYX CMS) - Z3UB
Content-Length: 124437
X-Method: GET
Last-Modified: Thu, 23 May 2019 09:20:48 GMT
Server: Microsoft-IIS/10.0
X-Frame-Options: SAMEORIGIN
ETag: "018acce4811d51:0"
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
Access-Control-Allow-Origin: http://live.aljazeera.com
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000, public

GET
H2 200 190411095952-01-geoffrey-rush-0411-super-tease.jpg
cdn.cnn.com/cnnnext/dam/assets/ 107 KB
107 KB 8ms
7ms Image
image/jpeg 2a02:26f0:6c00:18d::3134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cnn.com/cnnnext/dam/assets/190411095952-01-geoffrey-rush-0411-super-tease.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18d::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: ff710d49f3db7319b26b076b6529863662efd598ae53d17e5b0ae9cb8212fd8d

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 11:16:53 GMT
server: Apache-Coyote/1.1
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
status: 200
cache-control: max-age=3600
content-length: 109420
expires: Thu, 23 May 2019 12:16:53 GMT

GET
H2 200 3000.jpeg
storage.googleapis.com/afs-prod/media/media:546cd06d763b4bf3b33c37bd97b29691/ 1 MB
1 MB 10ms
10ms Image
image/jpeg 2a00:1450:4001:818::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/afs-prod/media/media:546cd06d763b4bf3b33c37bd97b29691/3000.jpeg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8ac793d80da00b89642bfb1d3dbbf3f6367a764c55748a2302e9ba2d1321dde2

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 10:26:54 GMT
age: 2999
status: 200
x-guploader-uploadid: AEnB2UoJQjFH1LFsTGsomvSGWDfVEUYYpad5hf74XV0ZOTyRjVrzXBB1C8BfTTsJ5fQGLN7r94oOB1ECcTtg-bYoHDnC1zQ5ww
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1268043
last-modified: Thu, 23 May 2019 10:14:57 GMT
server: UploadServer
etag: "975745d1639a762ff591a16253a9d05b"
x-goog-hash: crc32c=Nw0GSw==, md5=l1dF0WOadi/1kaFiU6nQWw==
x-goog-generation: 1558606497009892
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1268043
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 23 May 2019 11:26:54 GMT

GET
H2 200 http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F190315131613-07-netherlands-happiest-coutries-2018-super-tease.jpg
dynaimage.cdn.cnn.com/cnn/w_1200/ 252 KB
253 KB 33ms
6ms Image
image/jpeg 2a02:26f0:6c00:18d::3134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dynaimage.cdn.cnn.com/cnn/w_1200/http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F190315131613-07-netherlands-happiest-coutries-2018-super-tease.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18d::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 09adf1f68ec0b7acbd45483ee28107875f2de9580002ebd89e2a24f3466e4846

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Thu, 23 May 2019 11:16:53 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 258085
content-type: image/jpeg

GET
H2 200 WireAP_a4fd284cba9044ce96ffc4eb5751fdf5_16x9_992.jpg
s.abcnews.com/images/International/ 65 KB
65 KB 17ms
14ms Image
image/jpeg 13.35.253.86
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.abcnews.com/images/International/WireAP_a4fd284cba9044ce96ffc4eb5751fdf5_16x9_992.jpg
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5307a35940af861952b0eaac5a45e578bfd31927c463463bf0aa0ff234011bab

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 10:08:06 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 10:06:10 GMT
server: AmazonS3
age: 523
etag: "e6b0b186e348b7abbc9726c2f94d5a33"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 66435
x-amz-cf-id: EGDiM2eOFnvM49jo62KDVpPvnghkVSWF6fGkKsTth0vtF5DVZgmdgA==

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/pitayanetwork/ 66 KB
18 KB 14ms
13ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/pitayanetwork/loader.js
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: HTTP/1.1
Server: 151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6df701570d2e0aa94525dbdbfa681aa8efa8e8cccb725c577fa0d7eb00aed04

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: A2GWHQwBfpZuVSZ8mMhZBuql5KpW4PoZ
Content-Encoding: gzip
Age: 10287
X-Cache: HIT
Date: Thu, 23 May 2019 11:16:54 GMT
Connection: keep-alive
Content-Length: 17827
x-amz-id-2: 7iUJMdDoZXZUSKbBV40KW8ZaGalPDtILLYVhDvQUPpe9vS4DJ89CfMS0dLtDvEX+M3wcb/ExCq8=
X-Served-By: cache-hhn1524-HHN
Last-Modified: Thu, 23 May 2019 08:24:19 GMT
Server: AmazonS3
X-Timer: S1558610214.323888,VS0,VE0
ETag: "d76b15a9a56ba6b39c7c8b558d540bb6"
Vary: Accept-Encoding
x-amz-request-id: AC836FEC64245681
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 25
X-Cache-Hits: 2

GET z_stat.php
s5.cnzz.com/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=three.newclickmobile.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 11:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=three.newclickmobile.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 11:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/ 208 KB
78 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

85586c3b2fc1315e51a6a3a012fe0d80a0415c0bccf68485e96501e7ea4dbde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 23 May 2019 11:16:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 17287492606424789904
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 78947
X-XSS-Protection: 0
Expires: Thu, 23 May 2019 11:16:54 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/ Frame 4E91 208 KB
78 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

85586c3b2fc1315e51a6a3a012fe0d80a0415c0bccf68485e96501e7ea4dbde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 23 May 2019 11:16:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 17287492606424789904
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 78947
X-XSS-Protection: 0
Expires: Thu, 23 May 2019 11:16:54 GMT

GET
H2 200 ca-pub-8637683382833088.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 68 B
175 B 7ms
6ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8637683382833088.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 04:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
age: 25196
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 88
x-xss-protection: 0
expires: Thu, 23 May 2019 16:16:58 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190520/r20190131/ Frame 8051 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190520/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190520/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://three.newclickmobile.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://three.newclickmobile.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 20 May 2019 14:19:04 GMT
expires: Mon, 03 Jun 2019 14:19:04 GMT
content-type: text/html; charset=UTF-8
etag: 7423447574459395779
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6990
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 248270
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H/1.1 200
OK impl.358-308-RELEASE.js Show response
cdn.taboola.com/libtrc/ 372 KB
107 KB 15ms
14ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.358-308-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/pitayanetwork/loader.js
Protocol: HTTP/1.1
Server: 151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96802f2b012d088dc5338a94de84b83598660d314464a9e8e8ab70987de093ec

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: thr0E6yC837mXtZZ8kEiFcLSS1zKG5Rc
Content-Encoding: gzip
Age: 14143
X-Cache: HIT
Date: Thu, 23 May 2019 11:16:54 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 108380
x-amz-id-2: xBZCLMgP/+euxbHNuhfC+bcbhVSViMUTlcP3v/zLJcoSo79KWcuHTB38wGiddV0a0w5NiRZ7EzA=
X-Served-By: cache-hhn1524-HHN
Last-Modified: Thu, 23 May 2019 07:21:07 GMT
Server: AmazonS3
X-Timer: S1558610214.379173,VS0,VE0
ETag: "1981bdd70a47e71cc149e0b86f8a540b"
Vary: Accept-Encoding
x-amz-request-id: 8807A6843FD5A6E4
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 38
X-Cache-Hits: 210378

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 82ms
31ms Script
application/x-javascript 2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/pitayanetwork/loader.js
Protocol: HTTP/1.1
Server: 2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 23 May 2019 11:16:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Fri, 24 May 2019 11:16:54 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BE7B 0
0 98ms
97ms Document
text/html 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8637683382833088&output=html&h=50&slotname=2990010401&adk=1801607346&adf=3193654627&w=320&lmt=1558610214&guci=1.2.0.0.2.2.0.0&format=320x50&url=http%3A%2F%2Fthree.newclickmobile.com%2F&flash=0&wgl=1&adsid=NT&dt=1558610214338&bpp=19&bdt=1033&fdt=110&idt=110&shv=r20190520&cbv=r20190131&saldr=aa&abxe=1&correlator=4281642665269&frm=20&pv=2&ga_vid=2145039681.1558610214&ga_sid=1558610214&ga_hid=279573020&ga_fc=0&iag=0&icsg=32936&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.3e4hjrejiuvu&fsb=1&xpc=ajdqk2huHr&p=http%3A//three.newclickmobile.com&dtd=127

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8637683382833088&output=html&h=50&slotname=2990010401&adk=1801607346&adf=3193654627&w=320&lmt=1558610214&guci=1.2.0.0.2.2.0.0&format=320x50&url=http%3A%2F%2Fthree.newclickmobile.com%2F&flash=0&wgl=1&adsid=NT&dt=1558610214338&bpp=19&bdt=1033&fdt=110&idt=110&shv=r20190520&cbv=r20190131&saldr=aa&abxe=1&correlator=4281642665269&frm=20&pv=2&ga_vid=2145039681.1558610214&ga_sid=1558610214&ga_hid=279573020&ga_fc=0&iag=0&icsg=32936&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.3e4hjrejiuvu&fsb=1&xpc=ajdqk2huHr&p=http%3A//three.newclickmobile.com&dtd=127
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://three.newclickmobile.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://three.newclickmobile.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 23 May 2019 11:16:54 GMT
server: cafe
content-length: 329
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-May-2019 11:31:54 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Thu, 23 May 2019 11:16:54 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9d0dd807a552af8a1d384a826d90b1806fd545907c4758691de37f652df78a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 23 May 2019 11:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1558551624636007"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28594
x-xss-protection: 0
expires: Thu, 23 May 2019 11:16:54 GMT

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9=
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9=

0
248 B

31ms
30ms

Image
text/plain

2.16.186.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9=
Requested by: Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol: HTTP/1.1
Server: 2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://three.newclickmobile.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 May 2019 11:16:54 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9=
Pragma: no-cache
Date: Thu, 23 May 2019 11:16:54 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s5.cnzz.com
URL: http://s5.cnzz.com/z_stat.php?id=1277238850&show=pic1

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b.scorecardresearch.com
cdn.cnn.com
cdn.staticfile.org
cdn.taboola.com
cnnespanol2.files.wordpress.com
code.jquery.com
dynaimage.cdn.cnn.com
googleads.g.doubleclick.net
img.bleacherreport.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
s.abcnews.com
s5.cnzz.com
storage.googleapis.com
three.newclickmobile.com
www.aljazeera.com
www.googletagservices.com
s5.cnzz.com
13.35.253.86
151.101.120.64
151.101.2.2
192.0.72.28
2.16.186.51
205.185.208.52
209.197.3.15
213.244.178.209
2a00:1450:4001:816::2002
2a00:1450:4001:818::2002
2a00:1450:4001:818::2010
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2002
2a02:26f0:6c00:18d::3134
2a02:26f0:6c00:2be::2392
47.75.93.161
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04be25272fb448ecf8c686f53ecc524a919239152d9ead91e660a540ed8f9130
09adf1f68ec0b7acbd45483ee28107875f2de9580002ebd89e2a24f3466e4846
0e6a313624833f30bcfeeddacf715bc4a95802eb4495fd92362012bb82b546af
38b58a7968c8deb03abee099c1630399a77b4aea43b6b5db6be29a59c4bcba87
3b2ead1aa36610f84a1a8f425ffada183e3ecf1404f75377c0551a9fb0ac381e
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
487804be6536ab047d8d8b9d4eca1e596376ee319da5144e5e9048e5ad01bb2c
5307a35940af861952b0eaac5a45e578bfd31927c463463bf0aa0ff234011bab
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a9dca1ba100df39c84d76ccbe809258fd303ce9750167493941def122426674
60478d5de4bd40fdd5b522def0612c3a782d9dbc1a811499ef05872dbdcee287
7a3e1966b1e59945bad3405d69328b467f22858fc67fe0105194b1098e0187de
85586c3b2fc1315e51a6a3a012fe0d80a0415c0bccf68485e96501e7ea4dbde7
8ac793d80da00b89642bfb1d3dbbf3f6367a764c55748a2302e9ba2d1321dde2
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
96802f2b012d088dc5338a94de84b83598660d314464a9e8e8ab70987de093ec
9d0dd807a552af8a1d384a826d90b1806fd545907c4758691de37f652df78a89
ab4bc7f1b65781217170e4d8a64538df458fe3f909a6ad204e08c46ef8fc30ea
b54c97ab42060eb6ebda43132482318e71f557ac4befe3ff3c78300b7ed3ef14
cb7a8e3da8dbc0d6ba61520c230c3bd47c8a7a80cf564b08ca582c9f1e2ce509
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d37657d30a397c7ce4ba8c61dd6e5cdcb730defdbeb99038cb01ffe9eb8d3085
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e932fd79acaf82bc13e495a0a126a6c42986d3031d36c5ba9602aab8033e030a
f6df701570d2e0aa94525dbdbfa681aa8efa8e8cccb725c577fa0d7eb00aed04
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ff710d49f3db7319b26b076b6529863662efd598ae53d17e5b0ae9cb8212fd8d

three.newclickmobile.com Open in urlscan Pro 47.75.93.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

33 Requests

70 %HTTPS

50 %IPv6

18 Domains

19 Subdomains

19 IPs

6 Countries

3184 kBTransfer

4055 kBSize

0 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

three.newclickmobile.com Open in urlscan Pro
47.75.93.161 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

70 %
HTTPS

50 %
IPv6

18
Domains

19
Subdomains

19
IPs

6
Countries

3184 kB
Transfer

4055 kB
Size

0
Cookies

33 HTTP transactions
0 data transactions