URL: http://three.newclickmobile.com/
Submission: On May 23 via manual from GB

Summary

This website contacted 19 IPs in 6 countries across 18 domains to perform 33 HTTP transactions. The main IP is 47.75.93.161, located in Hangzhou, China and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN. The main domain is three.newclickmobile.com.
This is the only time three.newclickmobile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 47.75.93.161 45102 (CNNIC-ALI...)
1 205.185.208.52 20446 (HIGHWINDS3)
1 209.197.3.15 20446 (HIGHWINDS3)
1 213.244.178.209 3356 (LEVEL3)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.120.64 54113 (FASTLY)
1 192.0.72.28 2635 (AUTOMATTIC)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 13.35.253.86 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.2.2 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2.16.186.51 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
33 19
Domain Requested by
6 s.abcnews.com three.newclickmobile.com
4 cdn.cnn.com three.newclickmobile.com
4 pagead2.googlesyndication.com three.newclickmobile.com
pagead2.googlesyndication.com
3 b.scorecardresearch.com 1 redirects cdn.taboola.com
three.newclickmobile.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 cdn.taboola.com three.newclickmobile.com
cdn.taboola.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 dynaimage.cdn.cnn.com three.newclickmobile.com
1 storage.googleapis.com three.newclickmobile.com
1 www.aljazeera.com three.newclickmobile.com
1 cnnespanol2.files.wordpress.com three.newclickmobile.com
1 img.bleacherreport.net three.newclickmobile.com
1 cdn.staticfile.org three.newclickmobile.com
1 maxcdn.bootstrapcdn.com three.newclickmobile.com
1 code.jquery.com three.newclickmobile.com
1 three.newclickmobile.com
0 s5.cnzz.com Failed three.newclickmobile.com
33 19

This site contains no links.

Subject Issuer Validity Valid
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA
2018-10-03 -
2019-10-12
a year crt.sh
*.staticfile.org
GeoTrust RSA CA 2018
2018-02-12 -
2020-09-19
3 years crt.sh
f.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2
2018-08-30 -
2020-12-02
2 years crt.sh
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA
2019-01-15 -
2021-01-14
2 years crt.sh
www.turner.com
Sectigo RSA Organization Validation Secure Server CA
2019-05-22 -
2020-09-03
a year crt.sh
s.abcnews.com
Amazon
2019-03-27 -
2020-04-27
a year crt.sh
aljazeera.net
DigiCert SHA2 Secure Server CA
2019-02-25 -
2020-02-25
a year crt.sh
*.storage.googleapis.com
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-04-30 -
2019-07-23
3 months crt.sh

This page contains 4 frames:

Primary Page: http://three.newclickmobile.com/
Frame ID: 4444276FF4CB2FDE12B2F5B7980394A4
Requests: 30 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/show_ads_impl.js
Frame ID: 4E91F9B904A9B8D8A1932A37C80AD94F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190520/r20190131/zrt_lookup.html
Frame ID: 8051E892D0684714592FC06E8F1D33E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8637683382833088&output=html&h=50&slotname=2990010401&adk=1801607346&adf=3193654627&w=320&lmt=1558610214&guci=1.2.0.0.2.2.0.0&format=320x50&url=http%3A%2F%2Fthree.newclickmobile.com%2F&flash=0&wgl=1&adsid=NT&dt=1558610214338&bpp=19&bdt=1033&fdt=110&idt=110&shv=r20190520&cbv=r20190131&saldr=aa&abxe=1&correlator=4281642665269&frm=20&pv=2&ga_vid=2145039681.1558610214&ga_sid=1558610214&ga_hid=279573020&ga_fc=0&iag=0&icsg=32936&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.3e4hjrejiuvu&fsb=1&xpc=ajdqk2huHr&p=http%3A//three.newclickmobile.com&dtd=127
Frame ID: BE7BBF0E0106C60B49438B9080674417
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • env /^_?COMSCORE$/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

33
Requests

70 %
HTTPS

50 %
IPv6

18
Domains

19
Subdomains

19
IPs

6
Countries

3184 kB
Transfer

4055 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9= HTTP 302
  • http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9=

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
three.newclickmobile.com/
23 KB
6 KB
Document
General
Full URL
http://three.newclickmobile.com/
Protocol
HTTP/1.1
Server
47.75.93.161 Hangzhou, China, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx / PHP/7.0.31
Resource Hash
38b58a7968c8deb03abee099c1630399a77b4aea43b6b5db6be29a59c4bcba87

Request headers

Host
three.newclickmobile.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Thu, 23 May 2019 11:16:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.31
Content-Encoding
gzip
jquery-1.7.2.min.js
code.jquery.com/
93 KB
33 KB
Script
General
Full URL
http://code.jquery.com/jquery-1.7.2.min.js
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 11:16:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-17278"
Vary
Accept-Encoding
X-HW
1558610213.dop032.lo4.t,1558610213.cds001.lo4.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33626
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 11:16:53 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin
*
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
bootstrap.min.js
cdn.staticfile.org/twitter-bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://cdn.staticfile.org/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.244.178.209 , United Kingdom, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software
Tengine /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-encoding
gzip
age
98058
status
200
x-swift-cachetime
86400
content-disposition
inline; filename="bootstrap.min.js"; filename*=utf-8' 'bootstrap.min.js
x-swift-savetime
Wed, 22 May 2019 22:58:05 GMT
x-m-reqid
ehUAABon55GM8qAV
x-m-log
QNM:xs461;QNM3/304
etag
"FkMKRD10gw_pvibvykMfRIwbN0D5.gz"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
s-maxage=86400, max-age=86400
x-qiniu-zone
0
x-qnm-cache
Hit
eagleid
d5f4b28715586102143036488e
expires
Thu, 23 May 2019 08:02:36 GMT
x-log
redis.g;IO/304
date
Wed, 22 May 2019 08:02:36 GMT
via
cache2.l2de1[0,304-0,H], cache17.l2de1[1,0], cache5.nl1[0,200-0,H], cache7.nl1[1,0]
x-svr
IO
x-reqid
GRYAAELLYuZK64YV
x-cache
HIT TCP_MEM_HIT dirn:7:723653586
content-transfer-encoding
binary
content-length
9861
last-modified
Wed, 26 Oct 2016 09:16:44 GMT
server
Tengine
access-control-max-age
2592000
ali-swift-global-savetime
1545928002
accept-ranges
bytes
timing-allow-origin
*
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
87 KB
33 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
b54c97ab42060eb6ebda43132482318e71f557ac4befe3ff3c78300b7ed3ef14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 11:16:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
13321759195849874267
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
33119
X-XSS-Protection
0
Expires
Thu, 23 May 2019 11:16:53 GMT
4217edfed54c1e9f49d6d8e914e884d6_crop_exact.jpg
img.bleacherreport.net/img/images/photos/003/809/971/
59 KB
60 KB
Image
General
Full URL
https://img.bleacherreport.net/img/images/photos/003/809/971/4217edfed54c1e9f49d6d8e914e884d6_crop_exact.jpg?w=1200&h=1200&q=75
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.64 Paris, France, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.7.7 /
Resource Hash
e932fd79acaf82bc13e495a0a126a6c42986d3031d36c5ba9602aab8033e030a

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
rDR5XVZBdfucNYVJJGCC4ix.ywyMVVCN
Via
1.1 varnish, 1.1 varnish
Age
37566
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Date
Thu, 23 May 2019 11:16:53 GMT
X-Cache-Hits
1, 157
Connection
keep-alive
Content-Length
60892
x-amz-id-2
Owc3FOeXpEaBpqQByhZKSYba1Bxq0t/G15EtWsntZ274eJ2Kb5/A1K8mmMe7wkja2/d5skgU2HA=
X-Served-By
cache-iad2121-IAD, cache-cdg20770-CDG
Last-Modified
Thu, 23 May 2019 00:50:39 GMT
Server
nginx/1.7.7
X-Timer
S1558610213.390919,VS0,VE0
ETag
"fc648a3b28304d2ff9e69b8824f5d998"
x-amz-request-id
DC5D1C0C9895E383
Cache-Control
max-age=252460800
Accept-Ranges
bytes
Content-Type
image/jpeg
Expires
Sun, 11 Apr 2027 19:03:15 GMT
cnn-elefante-2.jpg
cnnespanol2.files.wordpress.com/2019/05/
370 KB
371 KB
Image
General
Full URL
https://cnnespanol2.files.wordpress.com/2019/05/cnn-elefante-2.jpg?quality=100&strip=info
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
0e6a313624833f30bcfeeddacf715bc4a95802eb4495fd92362012bb82b546af

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc
HIT fra 28 np
date
Thu, 23 May 2019 11:16:53 GMT
last-modified
Thu, 23 May 2019 10:28:57 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
379058
expires
Thu, 27 Jun 2019 16:56:43 GMT
190522141154-trump-rose-garden-mobapp-super-tease.jpg
cdn.cnn.com/cnnnext/dam/assets/
54 KB
55 KB
Image
General
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/190522141154-trump-rose-garden-mobapp-super-tease.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18d::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
04be25272fb448ecf8c686f53ecc524a919239152d9ead91e660a540ed8f9130

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 11:16:53 GMT
server
Apache-Coyote/1.1
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
status
200
cache-control
max-age=3600
content-length
55521
expires
Thu, 23 May 2019 12:16:53 GMT
190506110759-01-nyse-0506-super-tease.jpg
cdn.cnn.com/cnnnext/dam/assets/
79 KB
79 KB
Image
General
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/190506110759-01-nyse-0506-super-tease.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18d::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d37657d30a397c7ce4ba8c61dd6e5cdcb730defdbeb99038cb01ffe9eb8d3085

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 11:16:53 GMT
server
Apache-Coyote/1.1
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
status
200
cache-control
max-age=3600
content-length
80777
expires
Thu, 23 May 2019 12:16:53 GMT
WireAP_eeeb3ec2c7fd49238c5dff156d8901bf_16x9_992.jpg
s.abcnews.com/images/International/
42 KB
42 KB
Image
General
Full URL
https://s.abcnews.com/images/International/WireAP_eeeb3ec2c7fd49238c5dff156d8901bf_16x9_992.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a9dca1ba100df39c84d76ccbe809258fd303ce9750167493941def122426674

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 10:47:39 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 04:06:12 GMT
server
AmazonS3
age
1754
etag
"74e4e30264109d60656dcb94eeedf3df"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
42979
x-amz-cf-id
pB4M2Mpu3S2NiPi-ECo7toq7AD5rB-sNGLnsPL1WzfEpc4e_05ksww==
WireAP_79a8c39fa31744328447ff5e68704bf4_16x9_992.jpg
s.abcnews.com/images/International/
89 KB
89 KB
Image
General
Full URL
https://s.abcnews.com/images/International/WireAP_79a8c39fa31744328447ff5e68704bf4_16x9_992.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a3e1966b1e59945bad3405d69328b467f22858fc67fe0105194b1098e0187de

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 10:47:44 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 10:29:22 GMT
server
AmazonS3
age
1750
etag
"f7b276a854815a9e517cc9154a0c2c73"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
90757
x-amz-cf-id
yZFZZAZ1p37lQYVws_btJn-XxqITwGk89QjQf_KpEN58Zv0d1x4Hww==
WireAP_546cd06d763b4bf3b33c37bd97b29691_16x9_992.jpg
s.abcnews.com/images/Lifestyle/
100 KB
101 KB
Image
General
Full URL
https://s.abcnews.com/images/Lifestyle/WireAP_546cd06d763b4bf3b33c37bd97b29691_16x9_992.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab4bc7f1b65781217170e4d8a64538df458fe3f909a6ad204e08c46ef8fc30ea

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 11:01:44 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 10:13:53 GMT
server
AmazonS3
age
910
etag
"1d2775004cc1ca57f37f96b38f396c8f"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
102599
x-amz-cf-id
FGFHzEhoO-DObSYH9fSJQCPDdpH1WdxbdA04XmdqerRDniCYtLxQow==
WireAP_4d6abd639cd84111a1509cac89e5fabd_16x9_992.jpg
s.abcnews.com/images/Lifestyle/
28 KB
28 KB
Image
General
Full URL
https://s.abcnews.com/images/Lifestyle/WireAP_4d6abd639cd84111a1509cac89e5fabd_16x9_992.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60478d5de4bd40fdd5b522def0612c3a782d9dbc1a811499ef05872dbdcee287

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 10:31:43 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 06:52:09 GMT
server
AmazonS3
age
911
etag
"24869ed474e4dd4236025607e42ce0d8"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
28722
x-amz-cf-id
4maRJjJpjZcQmYfCjs2qnmS4KK4P9Nw0HuobN4vvjuQ-QZ6QPClKJg==
WireAP_2440fc1c642944afaf73f014c713d62f_16x9_992.jpg
s.abcnews.com/images/International/
32 KB
32 KB
Image
General
Full URL
https://s.abcnews.com/images/International/WireAP_2440fc1c642944afaf73f014c713d62f_16x9_992.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb7a8e3da8dbc0d6ba61520c230c3bd47c8a7a80cf564b08ca582c9f1e2ce509

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 10:31:16 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified
Wed, 22 May 2019 14:36:35 GMT
server
AmazonS3
age
930
etag
"e0f6f1dc3221f98267fd7b4f396ab8a1"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
32930
x-amz-cf-id
3pb-E1SgFm9fD72r9jRBfnK483IPmEsnlrX0NwMuNV7rFOgO1lp0dw==
190523110933-01-the-tiger-who-came-to-tea-file-super-tease.jpg
cdn.cnn.com/cnnnext/dam/assets/
128 KB
128 KB
Image
General
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/190523110933-01-the-tiger-who-came-to-tea-file-super-tease.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18d::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
487804be6536ab047d8d8b9d4eca1e596376ee319da5144e5e9048e5ad01bb2c

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 11:16:53 GMT
server
Apache-Coyote/1.1
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
status
200
cache-control
max-age=3600
content-length
131109
expires
Thu, 23 May 2019 12:16:53 GMT
160cbe140682427c838e8c7a5634579f_18.jpg
www.aljazeera.com/mritems/Images/2019/5/23/
122 KB
122 KB
Image
General
Full URL
https://www.aljazeera.com/mritems/Images/2019/5/23/160cbe140682427c838e8c7a5634579f_18.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2be::2392 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / VSH-Z1-U2
Resource Hash
3b2ead1aa36610f84a1a8f425ffada183e3ecf1404f75377c0551a9fb0ac381e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 11:16:53 GMT
X-Content-Type-Options
nosniff
X-Powered-By
VSH-Z1-U2
Connection
keep-alive
Publisher
Al Jazeera (ORYX CMS) - Z3UB
Content-Length
124437
X-Method
GET
Last-Modified
Thu, 23 May 2019 09:20:48 GMT
Server
Microsoft-IIS/10.0
X-Frame-Options
SAMEORIGIN
ETag
"018acce4811d51:0"
Strict-Transport-Security
max-age=15552000
Content-Type
image/jpeg
Access-Control-Allow-Origin
http://live.aljazeera.com
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000, public
190411095952-01-geoffrey-rush-0411-super-tease.jpg
cdn.cnn.com/cnnnext/dam/assets/
107 KB
107 KB
Image
General
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/190411095952-01-geoffrey-rush-0411-super-tease.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18d::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ff710d49f3db7319b26b076b6529863662efd598ae53d17e5b0ae9cb8212fd8d

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 11:16:53 GMT
server
Apache-Coyote/1.1
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
status
200
cache-control
max-age=3600
content-length
109420
expires
Thu, 23 May 2019 12:16:53 GMT
3000.jpeg
storage.googleapis.com/afs-prod/media/media:546cd06d763b4bf3b33c37bd97b29691/
1 MB
1 MB
Image
General
Full URL
https://storage.googleapis.com/afs-prod/media/media:546cd06d763b4bf3b33c37bd97b29691/3000.jpeg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8ac793d80da00b89642bfb1d3dbbf3f6367a764c55748a2302e9ba2d1321dde2

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 10:26:54 GMT
age
2999
status
200
x-guploader-uploadid
AEnB2UoJQjFH1LFsTGsomvSGWDfVEUYYpad5hf74XV0ZOTyRjVrzXBB1C8BfTTsJ5fQGLN7r94oOB1ECcTtg-bYoHDnC1zQ5ww
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1268043
last-modified
Thu, 23 May 2019 10:14:57 GMT
server
UploadServer
etag
"975745d1639a762ff591a16253a9d05b"
x-goog-hash
crc32c=Nw0GSw==, md5=l1dF0WOadi/1kaFiU6nQWw==
x-goog-generation
1558606497009892
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
1268043
accept-ranges
bytes
content-type
image/jpeg
expires
Thu, 23 May 2019 11:26:54 GMT
http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F190315131613-07-netherlands-happiest-coutries-2018-super-tease.jpg
dynaimage.cdn.cnn.com/cnn/w_1200/
252 KB
253 KB
Image
General
Full URL
https://dynaimage.cdn.cnn.com/cnn/w_1200/http%3A%2F%2Fcdn.cnn.com%2Fcnnnext%2Fdam%2Fassets%2F190315131613-07-netherlands-happiest-coutries-2018-super-tease.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18d::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
09adf1f68ec0b7acbd45483ee28107875f2de9580002ebd89e2a24f3466e4846

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 23 May 2019 11:16:53 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
258085
content-type
image/jpeg
WireAP_a4fd284cba9044ce96ffc4eb5751fdf5_16x9_992.jpg
s.abcnews.com/images/International/
65 KB
65 KB
Image
General
Full URL
https://s.abcnews.com/images/International/WireAP_a4fd284cba9044ce96ffc4eb5751fdf5_16x9_992.jpg
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.86 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-86.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5307a35940af861952b0eaac5a45e578bfd31927c463463bf0aa0ff234011bab

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 10:08:06 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2019 10:06:10 GMT
server
AmazonS3
age
523
etag
"e6b0b186e348b7abbc9726c2f94d5a33"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
66435
x-amz-cf-id
EGDiM2eOFnvM49jo62KDVpPvnghkVSWF6fGkKsTth0vtF5DVZgmdgA==
loader.js
cdn.taboola.com/libtrc/pitayanetwork/
66 KB
18 KB
Script
General
Full URL
http://cdn.taboola.com/libtrc/pitayanetwork/loader.js
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
HTTP/1.1
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6df701570d2e0aa94525dbdbfa681aa8efa8e8cccb725c577fa0d7eb00aed04

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
A2GWHQwBfpZuVSZ8mMhZBuql5KpW4PoZ
Content-Encoding
gzip
Age
10287
X-Cache
HIT
Date
Thu, 23 May 2019 11:16:54 GMT
Connection
keep-alive
Content-Length
17827
x-amz-id-2
7iUJMdDoZXZUSKbBV40KW8ZaGalPDtILLYVhDvQUPpe9vS4DJ89CfMS0dLtDvEX+M3wcb/ExCq8=
X-Served-By
cache-hhn1524-HHN
Last-Modified
Thu, 23 May 2019 08:24:19 GMT
Server
AmazonS3
X-Timer
S1558610214.323888,VS0,VE0
ETag
"d76b15a9a56ba6b39c7c8b558d540bb6"
Vary
Accept-Encoding
x-amz-request-id
AC836FEC64245681
Via
1.1 varnish
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
25
X-Cache-Hits
2
z_stat.php
s5.cnzz.com/
0
0

integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=three.newclickmobile.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 11:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=three.newclickmobile.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 11:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/
208 KB
78 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
85586c3b2fc1315e51a6a3a012fe0d80a0415c0bccf68485e96501e7ea4dbde7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 11:16:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
17287492606424789904
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
78947
X-XSS-Protection
0
Expires
Thu, 23 May 2019 11:16:54 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/ Frame 4E91
208 KB
78 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
85586c3b2fc1315e51a6a3a012fe0d80a0415c0bccf68485e96501e7ea4dbde7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 11:16:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
17287492606424789904
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
78947
X-XSS-Protection
0
Expires
Thu, 23 May 2019 11:16:54 GMT
ca-pub-8637683382833088.js
pagead2.googlesyndication.com/pub-config/r20160913/
68 B
175 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8637683382833088.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 04:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
age
25196
content-type
text/javascript
status
200
cache-control
public, max-age=43200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
88
x-xss-protection
0
expires
Thu, 23 May 2019 16:16:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190520/r20190131/ Frame 8051
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190520/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190520/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://three.newclickmobile.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://three.newclickmobile.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 20 May 2019 14:19:04 GMT
expires
Mon, 03 Jun 2019 14:19:04 GMT
content-type
text/html; charset=UTF-8
etag
7423447574459395779
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6990
x-xss-protection
0
cache-control
public, max-age=1209600
age
248270
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
impl.358-308-RELEASE.js
cdn.taboola.com/libtrc/
372 KB
107 KB
Script
General
Full URL
http://cdn.taboola.com/libtrc/impl.358-308-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/pitayanetwork/loader.js
Protocol
HTTP/1.1
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96802f2b012d088dc5338a94de84b83598660d314464a9e8e8ab70987de093ec

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
thr0E6yC837mXtZZ8kEiFcLSS1zKG5Rc
Content-Encoding
gzip
Age
14143
X-Cache
HIT
Date
Thu, 23 May 2019 11:16:54 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
108380
x-amz-id-2
xBZCLMgP/+euxbHNuhfC+bcbhVSViMUTlcP3v/zLJcoSo79KWcuHTB38wGiddV0a0w5NiRZ7EzA=
X-Served-By
cache-hhn1524-HHN
Last-Modified
Thu, 23 May 2019 07:21:07 GMT
Server
AmazonS3
X-Timer
S1558610214.379173,VS0,VE0
ETag
"1981bdd70a47e71cc149e0b86f8a540b"
Vary
Accept-Encoding
x-amz-request-id
8807A6843FD5A6E4
Via
1.1 varnish
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
38
X-Cache-Hits
210378
beacon.js
b.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/pitayanetwork/loader.js
Protocol
HTTP/1.1
Server
2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 11:16:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
901
Expires
Fri, 24 May 2019 11:16:54 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BE7B
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8637683382833088&output=html&h=50&slotname=2990010401&adk=1801607346&adf=3193654627&w=320&lmt=1558610214&guci=1.2.0.0.2.2.0.0&format=320x50&url=http%3A%2F%2Fthree.newclickmobile.com%2F&flash=0&wgl=1&adsid=NT&dt=1558610214338&bpp=19&bdt=1033&fdt=110&idt=110&shv=r20190520&cbv=r20190131&saldr=aa&abxe=1&correlator=4281642665269&frm=20&pv=2&ga_vid=2145039681.1558610214&ga_sid=1558610214&ga_hid=279573020&ga_fc=0&iag=0&icsg=32936&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.3e4hjrejiuvu&fsb=1&xpc=ajdqk2huHr&p=http%3A//three.newclickmobile.com&dtd=127
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8637683382833088&output=html&h=50&slotname=2990010401&adk=1801607346&adf=3193654627&w=320&lmt=1558610214&guci=1.2.0.0.2.2.0.0&format=320x50&url=http%3A%2F%2Fthree.newclickmobile.com%2F&flash=0&wgl=1&adsid=NT&dt=1558610214338&bpp=19&bdt=1033&fdt=110&idt=110&shv=r20190520&cbv=r20190131&saldr=aa&abxe=1&correlator=4281642665269&frm=20&pv=2&ga_vid=2145039681.1558610214&ga_sid=1558610214&ga_hid=279573020&ga_fc=0&iag=0&icsg=32936&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=640&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=1.3e4hjrejiuvu&fsb=1&xpc=ajdqk2huHr&p=http%3A//three.newclickmobile.com&dtd=127
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://three.newclickmobile.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://three.newclickmobile.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 May 2019 11:16:54 GMT
server
cafe
content-length
329
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 23-May-2019 11:31:54 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Thu, 23 May 2019 11:16:54 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
76 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190520/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9d0dd807a552af8a1d384a826d90b1806fd545907c4758691de37f652df78a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 23 May 2019 11:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1558551624636007"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28594
x-xss-protection
0
expires
Thu, 23 May 2019 11:16:54 GMT
b2
b.scorecardresearch.com/
Redirect Chain
  • http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9=
  • http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9=
0
248 B
Image
General
Full URL
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9=
Requested by
Host: three.newclickmobile.com
URL: http://three.newclickmobile.com/
Protocol
HTTP/1.1
Server
2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://three.newclickmobile.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 May 2019 11:16:54 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1558610214488&ns_c=UTF-8&cv=3.1&c8=news&c7=http%3A%2F%2Fthree.newclickmobile.com%2F&c9=
Pragma
no-cache
Date
Thu, 23 May 2019 11:16:54 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s5.cnzz.com
URL
http://s5.cnzz.com/z_stat.php?id=1277238850&show=pic1

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| topFunction object| _taboola object| adsbygoogle string| cnzz_protocol object| google_js_reporting_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| TRC object| _tblConsole undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcPurgeEventHandlers function| __trcJSONify function| __trcUnJSONify function| __trcGetMargins function| __trcAttachResize function| __trcDetachResize function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager object| params number| trc_debug_level string| trc_article_id object| TRCImpl function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| udm_ object| ns_p object| COMSCORE function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b.scorecardresearch.com
cdn.cnn.com
cdn.staticfile.org
cdn.taboola.com
cnnespanol2.files.wordpress.com
code.jquery.com
dynaimage.cdn.cnn.com
googleads.g.doubleclick.net
img.bleacherreport.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
s.abcnews.com
s5.cnzz.com
storage.googleapis.com
three.newclickmobile.com
www.aljazeera.com
www.googletagservices.com
s5.cnzz.com
13.35.253.86
151.101.120.64
151.101.2.2
192.0.72.28
2.16.186.51
205.185.208.52
209.197.3.15
213.244.178.209
2a00:1450:4001:816::2002
2a00:1450:4001:818::2002
2a00:1450:4001:818::2010
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2002
2a02:26f0:6c00:18d::3134
2a02:26f0:6c00:2be::2392
47.75.93.161
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04be25272fb448ecf8c686f53ecc524a919239152d9ead91e660a540ed8f9130
09adf1f68ec0b7acbd45483ee28107875f2de9580002ebd89e2a24f3466e4846
0e6a313624833f30bcfeeddacf715bc4a95802eb4495fd92362012bb82b546af
38b58a7968c8deb03abee099c1630399a77b4aea43b6b5db6be29a59c4bcba87
3b2ead1aa36610f84a1a8f425ffada183e3ecf1404f75377c0551a9fb0ac381e
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
487804be6536ab047d8d8b9d4eca1e596376ee319da5144e5e9048e5ad01bb2c
5307a35940af861952b0eaac5a45e578bfd31927c463463bf0aa0ff234011bab
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a9dca1ba100df39c84d76ccbe809258fd303ce9750167493941def122426674
60478d5de4bd40fdd5b522def0612c3a782d9dbc1a811499ef05872dbdcee287
7a3e1966b1e59945bad3405d69328b467f22858fc67fe0105194b1098e0187de
85586c3b2fc1315e51a6a3a012fe0d80a0415c0bccf68485e96501e7ea4dbde7
8ac793d80da00b89642bfb1d3dbbf3f6367a764c55748a2302e9ba2d1321dde2
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
96802f2b012d088dc5338a94de84b83598660d314464a9e8e8ab70987de093ec
9d0dd807a552af8a1d384a826d90b1806fd545907c4758691de37f652df78a89
ab4bc7f1b65781217170e4d8a64538df458fe3f909a6ad204e08c46ef8fc30ea
b54c97ab42060eb6ebda43132482318e71f557ac4befe3ff3c78300b7ed3ef14
cb7a8e3da8dbc0d6ba61520c230c3bd47c8a7a80cf564b08ca582c9f1e2ce509
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d37657d30a397c7ce4ba8c61dd6e5cdcb730defdbeb99038cb01ffe9eb8d3085
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e932fd79acaf82bc13e495a0a126a6c42986d3031d36c5ba9602aab8033e030a
f6df701570d2e0aa94525dbdbfa681aa8efa8e8cccb725c577fa0d7eb00aed04
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ff710d49f3db7319b26b076b6529863662efd598ae53d17e5b0ae9cb8212fd8d